Authentication in a Hyperconnected World: Challenges, Opportunities and Approaches

International Conference on Cyber Warfare and Security Pub Date : 2024-03-21 DOI:10.34190/iccws.19.1.2070

Christoph Lipps, Jan Herbst, Rekha Reddy, Matthias Rüb, Hans D. Schotten

{"title":"Authentication in a Hyperconnected World: Challenges, Opportunities and Approaches","authors":"Christoph Lipps, Jan Herbst, Rekha Reddy, Matthias Rüb, Hans D. Schotten","doi":"10.34190/iccws.19.1.2070","DOIUrl":null,"url":null,"abstract":"Authentication and integrity are the prerequisites for trustworthy and secure communication. Without unambiguous knowledge of who is being interacted with, no confidential content can be exchanged, no (remote) access to systems and equipment can be granted, and no trust can be established. This situation is further exacerbated by an increasing interconnection and globalization towards a hyperconnected world. (Communication) Participants are no longer necessarily in close physical and social proximity and do not need to know each other, but can have their source/destination anywhere in the world. \n An authentication process is used to verify that someone -whether human or machine-, is in fact who she claims to be: The process thus includes a validation step to evaluate an assertion. However, systems differ in terms of their requirements, for instance with regard to the authentication options available, the time period required for re-authentication and the frequency of re-authentication, as well as the level of security to be achieved with authentication. The latter particularly with regard to the cost/benefit ratio of the application. Additionally, there are efforts to finally abolish traditional passwords, passphrases and pin codes and render them obsolete. \n In this work, technologies and methods for authentication beyond passwords and trustworthy authentication will be examined, particularly with regard to future communication infrastructures such as Beyond 5G and Sixth Generation (6G) wireless systems. Thereby, the impact of Artificial Intelligence (AI) methods, but also the relevance to Quantum Key Distribution (QKD) and Post Quantum Cryptography, as well as the use of 6G-enabling technologies like Reconfigurable Intelligent Surfaces (RISs), Wireless Optical Communication (WOC) and Physical Layer Security (PhySec), for example as additional factors of a multi-factor authentication process, will be considered, along with Body Area Networks (BANs) and the integration of the human body relying on biometrics. The various concepts are compared with regard to their requirements, limitations and possible applications in order to provide the user with an orientation as to which authentication method is conceivable and useful in which specific scenarios.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"9 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Cyber Warfare and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34190/iccws.19.1.2070","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Authentication and integrity are the prerequisites for trustworthy and secure communication. Without unambiguous knowledge of who is being interacted with, no confidential content can be exchanged, no (remote) access to systems and equipment can be granted, and no trust can be established. This situation is further exacerbated by an increasing interconnection and globalization towards a hyperconnected world. (Communication) Participants are no longer necessarily in close physical and social proximity and do not need to know each other, but can have their source/destination anywhere in the world. An authentication process is used to verify that someone -whether human or machine-, is in fact who she claims to be: The process thus includes a validation step to evaluate an assertion. However, systems differ in terms of their requirements, for instance with regard to the authentication options available, the time period required for re-authentication and the frequency of re-authentication, as well as the level of security to be achieved with authentication. The latter particularly with regard to the cost/benefit ratio of the application. Additionally, there are efforts to finally abolish traditional passwords, passphrases and pin codes and render them obsolete. In this work, technologies and methods for authentication beyond passwords and trustworthy authentication will be examined, particularly with regard to future communication infrastructures such as Beyond 5G and Sixth Generation (6G) wireless systems. Thereby, the impact of Artificial Intelligence (AI) methods, but also the relevance to Quantum Key Distribution (QKD) and Post Quantum Cryptography, as well as the use of 6G-enabling technologies like Reconfigurable Intelligent Surfaces (RISs), Wireless Optical Communication (WOC) and Physical Layer Security (PhySec), for example as additional factors of a multi-factor authentication process, will be considered, along with Body Area Networks (BANs) and the integration of the human body relying on biometrics. The various concepts are compared with regard to their requirements, limitations and possible applications in order to provide the user with an orientation as to which authentication method is conceivable and useful in which specific scenarios.

查看原文本刊更多论文

超级互联世界中的身份验证：挑战、机遇和方法

身份验证和完整性是可信和安全通信的先决条件。如果不能明确知道谁在与之交互，就无法交换机密内容，无法（远程）访问系统和设备，也就无法建立信任。随着互联和全球化的不断加强，这种情况进一步恶化，最终形成一个超级互联的世界。(通信）参与者不一定在物理和社会上距离很近，也不需要相互认识，他们的来源/目的地可以是世界上的任何地方。身份验证过程用于验证某人（无论是人类还是机器）是否确有其人：因此，该过程包括一个验证步骤，以评估断言。不过，各系统的要求各不相同，例如在可用的认证选项、重新认证所需的时间、重新认证的频率以及认证所要达到的安全级别等方面。后者尤其涉及应用的成本/效益比。此外，人们还在努力最终废除传统的密码、口令和密码，使其过时。在这项工作中，将研究密码和可信身份验证以外的身份验证技术和方法，特别是与未来通信基础设施（如超越 5G 和第六代（6G）无线系统）有关的技术和方法。因此，不仅要考虑人工智能（AI）方法的影响，还要考虑量子密钥分发（QKD）和后量子密码学的相关性，以及可重构智能表面（RIS）、无线光通信（WOC）和物理层安全（PhySec）等 6G 使能技术的使用，例如作为多因素身份验证过程的附加因素，同时还要考虑体域网络（BAN）和依靠生物识别技术的人体集成。将对各种概念的要求、局限性和可能的应用进行比较，以便向用户介绍哪种身份验证方法在哪些具体情况下是可行和有用的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Conference on Cyber Warfare and Security

自引率

0.00%

发文量