Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
ZeTA - Zero-Trust Authentication: Relying on Innate Human Ability, not Technology
Tech Univ Darmstadt, Darmstadt, Germany.
Glasgow University, Scotland.
Glasgow University, Scotland.
Tech Univ Darmstadt, Darmstadt, Germany.
Vise andre og tillknytning
2016 (engelsk)Inngår i: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), IEEE, 2016, s. 357-371Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Reliable authentication requires the devices and channels involved in theprocess to be trustworthy; otherwise authentication secrets can easily becompromised. Given the unceasing efforts of attackers worldwide suchtrustworthiness is increasingly not a given. A variety of technicalsolutions, such as utilising multiple devices/channels and verificationprotocols, has the potential to mitigate the threat of untrustedcommunications to a certain extent. Yet such technical solutions make twoassumptions: (1) users have access to multiple devices and (2) attackerswill not resort to hacking the human, using social engineering techniques.In this paper, we propose and explore the potential of using human-basedcomputation instead of solely technical solutions to mitigate the threat ofuntrusted devices and channels. ZeTA (Zero  Trust Authentication on untrusted channels) has the potentialto allow people to authenticate despite compromised channels orcommunications and easily observed usage. Our contributions are threefold:(1) We propose the ZeTA protocol with a formal definition and securityanalysis that utilises semantics and human-based computation to amelioratethe problem of untrusted devices and channels.(2) We  outline a security analysis to assess the envisaged performance ofthe proposed authentication protocol.(3) We report on  a  usability study that explores the viability of relyingon human computation in this context.

sted, utgiver, år, opplag, sider
IEEE, 2016. s. 357-371
Serie
IEEE Symposium on Security and Privacy, ISSN 1081-6011
Emneord [en]
MRC PSYCHOLINGUISTIC DATABASE; SEMANTIC RELATIONS; COMMUNICATION; SIMILARITY; ENGLISH
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-42084DOI: 10.1109/EuroSP.2016.35ISI: 000386286200023ISBN: 978-1-5090-1751-5 (tryckt)OAI: oai:DiVA.org:kau-42084DiVA, id: diva2:930056
Konferanse
EuroS&P'16 : IEEE European Symposium on Security and Privacy, 21-24 March 2016, Saarbrucken
Tilgjengelig fra: 2016-05-21 Laget: 2016-05-21 Sist oppdatert: 2018-06-04bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekst

Personposter BETA

Volkamer, Melanie

Søk i DiVA

Av forfatter/redaktør
Volkamer, Melanie
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 168 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf