An Improved Approach to Secure Authentication and Signing
An Improved Approach to Secure Authentication and Signing
We know how to build secure systems but for security measures to be truly effective it is necessary to use keys which are far too large for people to commit to memory. The consequence is that people avoid using security measures or they resort to recording their key information somewhere which they find convenient to access. If any kind of barrier to unauthorised access to this store is used, it is invariably a username and short password or PIN combination. This compromises the effectiveness of primary schemes by presenting an intruder with a weak point to attack. This paper describes a hybrid scheme incorporating an electronic token and biometric verification. The scheme eliminates the need to rely on the user’s memory so it can use keys which are long enough to be effective, yet it is also quick and convenient in use and could be adopted anywhere that presently uses username-password arrangements.
Security Biometric
Argles, David
7dd3d276-b2b2-4fb2-a0e8-4058bb01fc37
Pease, Alex
9ec456d7-a959-44c0-98e1-a2cfd661b4c3
Walters, Robert J
7b8732fb-3083-4f4d-844e-85a29daaa2c1
2007
Argles, David
7dd3d276-b2b2-4fb2-a0e8-4058bb01fc37
Pease, Alex
9ec456d7-a959-44c0-98e1-a2cfd661b4c3
Walters, Robert J
7b8732fb-3083-4f4d-844e-85a29daaa2c1
Argles, David, Pease, Alex and Walters, Robert J
(2007)
An Improved Approach to Secure Authentication and Signing.
The 2007 International Symposium on Frontiers in Networking with Applications (FINA 2007) In conjunction with The IEEE 21st International Conference on Advanced Information Networking and Applications (AINA 2007)., Niagara Falls, Canada.
21 - 23 May 2007.
Record type:
Conference or Workshop Item
(Paper)
Abstract
We know how to build secure systems but for security measures to be truly effective it is necessary to use keys which are far too large for people to commit to memory. The consequence is that people avoid using security measures or they resort to recording their key information somewhere which they find convenient to access. If any kind of barrier to unauthorised access to this store is used, it is invariably a username and short password or PIN combination. This compromises the effectiveness of primary schemes by presenting an intruder with a weak point to attack. This paper describes a hybrid scheme incorporating an electronic token and biometric verification. The scheme eliminates the need to rely on the user’s memory so it can use keys which are long enough to be effective, yet it is also quick and convenient in use and could be adopted anywhere that presently uses username-password arrangements.
Text
WaltersR-ImprovedAuthetication.pdf
- Other
Restricted to Registered users only
Request a copy
More information
Published date: 2007
Additional Information:
Event Dates: May 21-23, 2007
Venue - Dates:
The 2007 International Symposium on Frontiers in Networking with Applications (FINA 2007) In conjunction with The IEEE 21st International Conference on Advanced Information Networking and Applications (AINA 2007)., Niagara Falls, Canada, 2007-05-21 - 2007-05-23
Keywords:
Security Biometric
Organisations:
Electronic & Software Systems
Identifiers
Local EPrints ID: 263587
URI: http://eprints.soton.ac.uk/id/eprint/263587
PURE UUID: 126c81e1-8a91-4810-9169-06bc89b82e08
Catalogue record
Date deposited: 21 Feb 2007
Last modified: 14 Mar 2024 07:35
Export record
Contributors
Author:
David Argles
Author:
Alex Pease
Author:
Robert J Walters
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics