Multi-stage Risk-aware Adaptive Authentication and Access Control - Ph.D. Seminar BBBExport this event to calendar

Wednesday, June 23, 2021 — 3:00 PM EDT

Please join us on June 22nd (Tuesday) at 3:00 pm for Jiayi Chen's Ph.D. seminar. The seminar will be held online on BBB at https://bbb.crysp.org/b/jia-4zu-74k

Title: Multi-stage Risk-aware Adaptive Authentication and Access Control

Abstract: An adaptive authentication system can dynamically choose and adjust authentication mechanisms based on contextual information. With a strong context sensing ability brought by various sensors, the adaptive authentication system on mobile devices can automatically determine when to and how to authenticate a user balance the security and usability requirements. Existing studies mainly focus on context sensing and modelling, which triggers authentication adaptation. As for the adaptation process, most existing frameworks follow a simple adaption structure without the extensibility to handle different risks and progressive adaptation.

We propose a multi-stage risk-aware adaptive authentication and access control framework (MRAAC), which organizes different adaptation policies in several stages and uses contextual factors and authentication results for adaptation. Each stage represents a particular risk type and level that has specific adaptation goals and requirements. The multi-stage design allows our framework to handle different scenarios and support complex adaptation workflows. We implement two use cases, continuous authentication and device sharing, to show how to design a multi-stage adaptation solution using the MRAAC framework.

The experimental results on the HMOG dataset have shown that our multi-stage framework can enable early reactions to potential risks and lower the false rejection rate for continuous authentication mechanisms. We also conducted a small-scale device sharing user study to demonstrate how the MRAAC framework automatically detects sharing activities and adapts implicit authentication and access control to provide a secure sharing environment.

S M T W T F S
27
28
29
30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  1. 2021 (10)
    1. July (2)
    2. June (2)
    3. May (2)
    4. April (1)
    5. March (2)
    6. January (1)
  2. 2020 (12)
    1. December (1)
    2. November (1)
    3. October (7)
    4. June (1)
    5. February (2)
  3. 2019 (13)
  4. 2018 (14)
  5. 2017 (1)