Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions

Mustafa A. Mustafa; Aysajan Abidin; Enrique Argones Rúa

Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions

Mustafa A. Mustafa, Aysajan Abidin, Enrique Argones Rúa

Katholieke Universiteit Leuven

Research output: Contribution to journal › Conference article › peer-review

87 Downloads (Pure)

Abstract

This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages.

Original language	English
Journal	11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)
Publication status	Published - Sept 2017

Keywords

cs.CR

Access to Document

1802.07231Accepted author manuscript, 1.2 MB

http://www.thinkmind.org/index.php?view=article&articleid=securware_2017_12_10_38035

Cite this

@article{5e074252b4ad4b4f9e0c55ce63309f7f,

title = "Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions",

abstract = " This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages. ",

keywords = "cs.CR",

author = "Mustafa, {Mustafa A.} and Aysajan Abidin and R{\'u}a, {Enrique Argones}",

note = "published at the 11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)",

year = "2017",

month = sep,

language = "English",

journal = "11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)",

publisher = "IARIA",

}

TY - JOUR

T1 - Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions

AU - Mustafa, Mustafa A.

AU - Abidin, Aysajan

AU - Rúa, Enrique Argones

N1 - published at the 11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)

PY - 2017/9

Y1 - 2017/9

N2 - This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages.

AB - This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages.

KW - cs.CR

M3 - Conference article

JO - 11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)

JF - 11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)

ER -

Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions

Abstract

Keywords

Access to Document

Fingerprint

Cite this