Adaptive authentication: Issues and challenges

Author

Bakar, Khairul Azmi Abu ; Haron, Galoh Rashidah

Author_Institution

Inf. Security Lab., MIMOS Berhad, Kuala Lumpur, Malaysia

fYear

2013

fDate

22-24 June 2013

Firstpage

1

Lastpage

6

Abstract

Authentication is a mechanism to establish proof of identities. Common practise for authentication is to challenge user to present authentication credential. User who can present the valid credential is considered as authenticated identity. Traditional authentication systems have a static security requirement which does not consider the change of user behavior or environment. In contrast, adaptive authentication systems are risk-based authentication that consider those changes to identify high-risk and suspicious illegitimate login attempts. In this paper, we examine some of the adaptive authentication systems that have been proposed recently in the literature. Some of the issues and challenges when developing an adaptive authentication system are also discussed. We also introduce our own Unified Authentication Platform (UAP) which incorporates adaptive control. We describe two typical processes that are used in our Adaptive UAP.

Keywords

message authentication; UAP; adaptive authentication systems; adaptive control; authenticated identity; illegitimate login attempts identification; risk-based authentication; static security requirement; unified authentication platform; Adaptive systems; Authentication; Context; Generators; Mobile communication; Mobile handsets; adaptive authentication; behavioral profile; multi-factor authentication;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Information Technology (WCCIT), 2013 World Congress on

Conference_Location

Sousse

Print_ISBN

978-1-4799-0460-0

Type

conf

DOI

10.1109/WCCIT.2013.6618657

Filename

6618657