{"title":"简而言之:智能手机:不够智能?","authors":"I. Fischer, C. Kuo, Ling Huang, Mario Frank","doi":"10.1145/2381934.2381941","DOIUrl":null,"url":null,"abstract":"Today's mobile devices are packed with sensors that are capable of gathering rich contextual information, such as location, wireless device signatures, ambient noise, and photographs. This paper exhorts the security community to re-design authentication mechanisms for users on mobile devices. Instead of relying on one simplistic, worst-case threat model, we should use contextual information to develop more nuanced models that assess the risk level of the user's current environment. This would allow us to decrease or eliminate the level of user interaction required to authenticate in some situations, improving usability without any effective impact on security. Ideally, authentication mechanisms will scale up or down to match users' own mental threat models of their environments. We sketch out several scenarios demonstrating how contextual information can be used to assess risks and adapt authentication mechanisms. This is a research-rich area, and we outline future research directions for developing and evaluating dynamic security mechanisms using contextual information.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":"{\"title\":\"Short paper: smartphones: not smart enough?\",\"authors\":\"I. Fischer, C. Kuo, Ling Huang, Mario Frank\",\"doi\":\"10.1145/2381934.2381941\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Today's mobile devices are packed with sensors that are capable of gathering rich contextual information, such as location, wireless device signatures, ambient noise, and photographs. This paper exhorts the security community to re-design authentication mechanisms for users on mobile devices. Instead of relying on one simplistic, worst-case threat model, we should use contextual information to develop more nuanced models that assess the risk level of the user's current environment. This would allow us to decrease or eliminate the level of user interaction required to authenticate in some situations, improving usability without any effective impact on security. Ideally, authentication mechanisms will scale up or down to match users' own mental threat models of their environments. We sketch out several scenarios demonstrating how contextual information can be used to assess risks and adapt authentication mechanisms. This is a research-rich area, and we outline future research directions for developing and evaluating dynamic security mechanisms using contextual information.\",\"PeriodicalId\":213305,\"journal\":{\"name\":\"Security and Privacy in Smartphones and Mobile Devices\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-10-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"20\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security and Privacy in Smartphones and Mobile Devices\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2381934.2381941\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy in Smartphones and Mobile Devices","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2381934.2381941","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Today's mobile devices are packed with sensors that are capable of gathering rich contextual information, such as location, wireless device signatures, ambient noise, and photographs. This paper exhorts the security community to re-design authentication mechanisms for users on mobile devices. Instead of relying on one simplistic, worst-case threat model, we should use contextual information to develop more nuanced models that assess the risk level of the user's current environment. This would allow us to decrease or eliminate the level of user interaction required to authenticate in some situations, improving usability without any effective impact on security. Ideally, authentication mechanisms will scale up or down to match users' own mental threat models of their environments. We sketch out several scenarios demonstrating how contextual information can be used to assess risks and adapt authentication mechanisms. This is a research-rich area, and we outline future research directions for developing and evaluating dynamic security mechanisms using contextual information.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
