Dissertation/Thesis Abstract

Towards usable end-user authentication
by Tanviruzzaman, Mohammad, Ph.D., Marquette University, 2014, 138; 3623762
Abstract (Summary)

Authentication is the process of validating the identity of an entity, e.g., a person, a machine, etc.; the entity usually provides a proof of identity in order to be authenticated. When the entity — to be authenticated — is a human, the authentication process is called end-user authentication. Making an end-user authentication usable entails making it easy for a human to obtain, manage, and input the proof of identity in a secure manner. In machine-to-machine authentication, both ends have comparable memory and computational power to securely carry out the authentication process using cryptographic primitives and protocols. On the contrary, as a human has limited memory and computational power, in end-user authentication, cryptography is of little use. Although password based end-user authentication has many well-known security and usability problems, it is the de facto standard. Almost half a century of research effort has produced a multitude of end-user authentication methods more sophisticated than passwords; yet, none has come close to replacing passwords.

In this dissertation, taking advantage of the built-in sensing capability of smartphones, we propose an end-user authentication framework for smartphones — called ePet — which does not require any active participation from the user most of the times; thus the proposed framework is highly usable. Using data collected from subjects, we validate a part of the authentication framework for the Android platform. For web authentication, in this dissertation, we propose a novel password creation interface, which helps a user remember a newly created password with more confidence — by allowing her to perform various memory tasks built upon her new password. Declarative and motor memory help the user remember and efficiently input a password. From a within-subjects study we show that declarative memory is sufficient for passwords; motor memory mostly facilitate the input process and thus the memory tasks have been designed to help cement the declarative memory for a newly created password. This dissertation concludes with an evaluation of the increased usability of the proposed interface through a between-subjects study.

Indexing (document details)
Advisor: Ahamed, Sheikh Iqbal
Commitee: Brylow, Dennis, Ge, Rong, Madiraju, Praveen, Merrill, Stephen, Nielson, Kristy
School: Marquette University
Department: Mathematics, Statistics & Computer Science
School Location: United States -- Wisconsin
Source: DAI-B 75/09(E), Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Cognitive psychology, Computer science
Keywords: Human memory, Keyboard, Password, Smartphone, Transparent Authentication
Publication Number: 3623762
ISBN: 978-1-303-96366-7
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest