Accession Number : ADA619643

Title :   Usable Multi-factor Authentication and Risk-based Authorization

Descriptive Note : Final rept. Aug 2011-Dec 2014

Corporate Author : INTERNATIONAL BUSINESS MACHINES CORP YORKTOWN HEIGHTS NY

Personal Author(s) : Koved, Larry

PDF Url : ADA619643

Report Date : Jun 2015

Pagination or Media Count : 148

Abstract : This effort developed a set of usable authentication and authorization technologies that create a strong tie between transactional identity and physical identity. Specifically, the effort conducted psychometric studies on the end user perception of risk and used this to drive mechanisms to align end-user perception of risk with the actual value at-risk in transactions. Used sensors available on mobile phones to design multi-factor authentication based on a fusion of biometric sensors chosen for optimal performance. Explored how risk indicators and authentication interfaces will be securely implemented on mobile platforms. Investigated protocols to maintain the integrity and liveness of biometric data, enhance d user trust in the authentication process, and balanced the security requirements of the user and the service provider.

Descriptors :   *BIOMETRIC SECURITY, *COMPUTER NETWORK SECURITY, *INFORMATION ASSURANCE, *MOBILE COMPUTING, BAYES THEOREM, BEHAVIOR, COMMUNICATIONS PROTOCOLS, COMPUTER ACCESS CONTROL, COMPUTER APPLICATIONS, COMPUTER VIRUSES, GRAPHICAL USER INTERFACE, IDENTIFICATION SYSTEMS, INTERNET, MARKUP LANGUAGES, MULTISENSORS, OPTIMIZATION, PERCEPTION, PROBABILITY, PSYCHOMETRICS, RISK ANALYSIS, STANDARD DEVIATION, SYSTEMS ENGINEERING, UNCERTAINTY

Subject Categories : Psychology
      Statistics and Probability
      Computer Programming and Software
      Computer Systems Management and Standards
      Biomedical Instrumentation and Bioengineering

Distribution Statement : APPROVED FOR PUBLIC RELEASE