用于医疗保健应用的基于JSON Web签名的自适应身份验证模式

2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA) Pub Date : 2022-09-09 DOI:10.1109/PKIA56009.2022.9952258

Vivin Krishnan, C. Sreeja, S. Binu, M. Misbahuddin

{"title":"用于医疗保健应用的基于JSON Web签名的自适应身份验证模式","authors":"Vivin Krishnan, C. Sreeja, S. Binu, M. Misbahuddin","doi":"10.1109/PKIA56009.2022.9952258","DOIUrl":null,"url":null,"abstract":"In the era of fast internet-centric systems, the importance of security cannot be stressed more. However, stringent and multiple layers of security measures tend to be a hindrance to usability. This even prompts users to bypass multi-factor authentication schemes recommended by enterprises. The need to balance security and usability gave rise to Adaptive authentication. This system of utilizing the user's behavioral context and earlier access patterns is gaining popularity. Continuously analyzing the user's request patterns and attributes against an established contextual profile helps maintain security while challenging the user only when required. This paper proposes an Open standards based authentication modality that can seamlessly integrate with an Adaptive Authentication system. The proposed authentication modality uses JavaScript Object Notation(JSON), JSON Web Signature(JWS) and supports a means of verifying the authenticity of the requesting client. The proposed authentication modality has been formally verified using Scyther and all the claims have been validated.","PeriodicalId":333935,"journal":{"name":"2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A JSON Web Signature Based Adaptive Authentication Modality for Healthcare Applications\",\"authors\":\"Vivin Krishnan, C. Sreeja, S. Binu, M. Misbahuddin\",\"doi\":\"10.1109/PKIA56009.2022.9952258\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the era of fast internet-centric systems, the importance of security cannot be stressed more. However, stringent and multiple layers of security measures tend to be a hindrance to usability. This even prompts users to bypass multi-factor authentication schemes recommended by enterprises. The need to balance security and usability gave rise to Adaptive authentication. This system of utilizing the user's behavioral context and earlier access patterns is gaining popularity. Continuously analyzing the user's request patterns and attributes against an established contextual profile helps maintain security while challenging the user only when required. This paper proposes an Open standards based authentication modality that can seamlessly integrate with an Adaptive Authentication system. The proposed authentication modality uses JavaScript Object Notation(JSON), JSON Web Signature(JWS) and supports a means of verifying the authenticity of the requesting client. The proposed authentication modality has been formally verified using Scyther and all the claims have been validated.\",\"PeriodicalId\":333935,\"journal\":{\"name\":\"2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA)\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-09-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PKIA56009.2022.9952258\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PKIA56009.2022.9952258","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

在以快速互联网为中心的系统时代，安全的重要性再强调不过。然而，严格的多层安全措施往往会阻碍可用性。这甚至会促使用户绕过企业推荐的多因素认证方案。平衡安全性和可用性的需要产生了自适应身份验证。这种利用用户的行为背景和早期访问模式的系统越来越受欢迎。根据已建立的上下文概要文件连续分析用户的请求模式和属性有助于维护安全性，同时仅在需要时才向用户发出挑战。本文提出了一种基于开放标准的认证模式，该模式可以与自适应认证系统无缝集成。提议的身份验证模式使用JavaScript对象表示法(JSON)和JSON Web签名(JWS)，并支持一种验证请求客户端真实性的方法。提议的身份验证方式已经使用Scyther进行了正式验证，并且所有声明都已得到验证。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A JSON Web Signature Based Adaptive Authentication Modality for Healthcare Applications

In the era of fast internet-centric systems, the importance of security cannot be stressed more. However, stringent and multiple layers of security measures tend to be a hindrance to usability. This even prompts users to bypass multi-factor authentication schemes recommended by enterprises. The need to balance security and usability gave rise to Adaptive authentication. This system of utilizing the user's behavioral context and earlier access patterns is gaining popularity. Continuously analyzing the user's request patterns and attributes against an established contextual profile helps maintain security while challenging the user only when required. This paper proposes an Open standards based authentication modality that can seamlessly integrate with an Adaptive Authentication system. The proposed authentication modality uses JavaScript Object Notation(JSON), JSON Web Signature(JWS) and supports a means of verifying the authenticity of the requesting client. The proposed authentication modality has been formally verified using Scyther and all the claims have been validated.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA)

自引率

0.00%

发文量