Multi-stage Risk-aware Adaptive Authentication and Access Control - Ph.D. Seminar BBB

Wednesday, June 23, 2021 3:00 pm - 3:00 pm EDT (GMT -04:00)

Please join us on June 22nd (Tuesday) at 3:00 pm for Jiayi Chen's Ph.D. seminar. The seminar will be held online on BBB at https://bbb.crysp.org/b/jia-4zu-74k

Title: Multi-stage Risk-aware Adaptive Authentication and Access Control

Abstract: An adaptive authentication system can dynamically choose and adjust authentication mechanisms based on contextual information. With a strong context sensing ability brought by various sensors, the adaptive authentication system on mobile devices can automatically determine when and how to authenticate a user to balance the security and usability requirements. Existing studies mainly focus on context sensing and modelling, which triggers authentication adaptation. As for the adaptation process, most existing frameworks follow a simple adaptation structure without the extensibility to handle different risks and progressive adaptation.

We propose a multi-stage risk-aware adaptive authentication and access control framework (MRAAC), which organizes different adaptation policies in several stages and uses contextual factors and authentication results for adaptation. Each stage represents a particular risk type and level that has specific adaptation goals and requirements. The multi-stage design allows our framework to handle different scenarios and support complex adaptation workflows. We implement two use cases, continuous authentication and device sharing, to show how to design a multi-stage adaptation solution using the MRAAC framework.

The experimental results on the HMOG dataset have shown that our multi-stage framework can enable early reactions to potential risks and lower the false rejection rate for continuous authentication mechanisms. We also conducted a small-scale device sharing user study to demonstrate how the MRAAC framework automatically detects sharing activities and adapts implicit authentication and access control to provide a secure sharing environment.