将持续身份验证与主动平台加固相结合

Ryan V. Johnson, Rahul Murmuria, A. Stavrou, Vincent Sritapan
{"title":"将持续身份验证与主动平台加固相结合","authors":"Ryan V. Johnson, Rahul Murmuria, A. Stavrou, Vincent Sritapan","doi":"10.1109/PERCOMW.2017.7917532","DOIUrl":null,"url":null,"abstract":"Mobile authentication has always been a usability and security challenge. In the past, researchers have discovered various methods to bypass the screen lock protection mechanism without entering authentication credentials on mobile devices. There is a clear need for authentication to be seamless and continuous but also address the security threats that stem from the current unlock-once, always-on mechanisms. To that end, we developed a framework for continuous behavioral authentication of users. In addition, we introduce a configurable “authentication level” for access to resources and applications. For example, if a user's authentication level declines below a pre-specified threshold, all external communications are disabled to prevent exfiltration of sensitive data. Similarly, viewing or modifying any sensitive data on the device is also restricted by moderating access to the underlying file system based on the user's authentication level. We will perform a live demonstration of our entire system implemented for Android 6.0.1, and show how it can successfully defend against a wide range of attacks while improving the usability of the mobile device by offering a seamless authentication experience.","PeriodicalId":319638,"journal":{"name":"2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Pairing continuous authentication with proactive platform hardening\",\"authors\":\"Ryan V. Johnson, Rahul Murmuria, A. Stavrou, Vincent Sritapan\",\"doi\":\"10.1109/PERCOMW.2017.7917532\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile authentication has always been a usability and security challenge. In the past, researchers have discovered various methods to bypass the screen lock protection mechanism without entering authentication credentials on mobile devices. There is a clear need for authentication to be seamless and continuous but also address the security threats that stem from the current unlock-once, always-on mechanisms. To that end, we developed a framework for continuous behavioral authentication of users. In addition, we introduce a configurable “authentication level” for access to resources and applications. For example, if a user's authentication level declines below a pre-specified threshold, all external communications are disabled to prevent exfiltration of sensitive data. Similarly, viewing or modifying any sensitive data on the device is also restricted by moderating access to the underlying file system based on the user's authentication level. We will perform a live demonstration of our entire system implemented for Android 6.0.1, and show how it can successfully defend against a wide range of attacks while improving the usability of the mobile device by offering a seamless authentication experience.\",\"PeriodicalId\":319638,\"journal\":{\"name\":\"2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops)\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-03-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PERCOMW.2017.7917532\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PERCOMW.2017.7917532","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

摘要

移动身份验证一直是可用性和安全性方面的挑战。过去,研究人员已经发现了各种绕过屏幕锁定保护机制的方法,而无需在移动设备上输入身份验证凭证。显然,需要无缝和连续的身份验证,但也需要解决当前“一次解锁,永远在线”机制所带来的安全威胁。为此,我们开发了一个对用户进行持续行为认证的框架。此外,我们还为访问资源和应用程序引入了一个可配置的“身份验证级别”。例如,如果用户的认证级别低于预先设定的阈值,则禁止所有外部通信,以防止敏感数据泄露。类似地,查看或修改设备上的任何敏感数据也受到限制,因为要根据用户的身份验证级别调节对底层文件系统的访问。我们将对Android 6.0.1上实现的整个系统进行现场演示,并展示它如何成功抵御各种攻击,同时通过提供无缝的身份验证体验来提高移动设备的可用性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Pairing continuous authentication with proactive platform hardening
Mobile authentication has always been a usability and security challenge. In the past, researchers have discovered various methods to bypass the screen lock protection mechanism without entering authentication credentials on mobile devices. There is a clear need for authentication to be seamless and continuous but also address the security threats that stem from the current unlock-once, always-on mechanisms. To that end, we developed a framework for continuous behavioral authentication of users. In addition, we introduce a configurable “authentication level” for access to resources and applications. For example, if a user's authentication level declines below a pre-specified threshold, all external communications are disabled to prevent exfiltration of sensitive data. Similarly, viewing or modifying any sensitive data on the device is also restricted by moderating access to the underlying file system based on the user's authentication level. We will perform a live demonstration of our entire system implemented for Android 6.0.1, and show how it can successfully defend against a wide range of attacks while improving the usability of the mobile device by offering a seamless authentication experience.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信