Designing Usable and Secure Authentication Mechanisms for Public Spaces
Description
13 years ago
Usable and secure authentication is a research field that
approaches different challenges related to authentication,
including security, from a human-computer interaction perspective.
That is, work in this field tries to overcome security,
memorability and performance problems that are related to the
interaction with an authentication mechanism. More and more
services that require authentication, like ticket vending machines
or automated teller machines (ATMs), take place in a public
setting, in which security threats are more inherent than in other
settings. In this work, we approach the problem of usable and
secure authentication for public spaces. The key result of the work
reported here is a set of well-founded criteria for the systematic
evaluation of authentication mechanisms. These criteria are
justified by two different types of investigation, which are on the
one hand prototypical examples of authentication mechanisms with
improved usability and security, and on the other hand empirical
studies of security-related behavior in public spaces. So this work
can be structured in three steps: Firstly, we present five
authentication mechanisms that were designed to overcome the main
weaknesses of related work which we identified using a newly
created categorization of authentication mechanisms for public
spaces. The systems were evaluated in detail and showed encouraging
results for future use. These results, together with the drawbacks and
problems that we encountered with these systems, helped us to gain diverse
insights into the design and evaluation process of such systems in
general. They showed that the development process of authentication
mechanisms for public spaces needs to be improved to create better
results. They also provided insights into why approaches in related work
are difficult to compare with each other. Keeping this in mind, a first
set of criteria was identified that can fill these gaps and improve
the design and evaluation of authentication mechanisms, with a focus on
the public setting. Furthermore, a series of work was performed to
gain insights on factors influencing the quality of authentication
mechanisms and to define a catalog of criteria that can be used to
support creating such systems. It includes a long-term study of
different PIN-entry systems as well as two field studies and field
interviews on real world ATM-use. With this, we could refine the
previous criteria and define additional criteria, many of them
related to human factors. For instance, we showed that social
issues, like trust, can highly affect the security of an
authentication mechanism. We used these results to define a catalog
of seven criteria. Besides their definition, we provide information
on how applying them influences the design, implementation and
evaluation of the development process, and more specifically, how
adherence improves authentication in general. A comparison of two
authentication mechanisms for public spaces shows that a system
that fulfills the criteria outperforms a system with less
compliance. We could also show that compliance not only improves
the authentication mechanisms themselves, but also allows for
detailed comparisons between different systems.