Secure and Usable Authentication on Mobile Devices

Roland Schlöglhofer; Johannes Sametinger

Secure and Usable Authentication on Mobile Devices

Roland Schlöglhofer
, Johannes Sametinger

Institute of Business Informatics - Software Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

Abstract

Mobile devices contain a multitude of sensitive data and provide access to even more data as well as services somewhere on the Internet. Even if only temporarily in the hands of non-entitled persons, privacy is at stake. Authentication protects against unauthorized usage. Today’s operating systems of mobile devices offer authentication mechanisms. However, they are either vulnerable in some situations or not user friendly enough to be widely adopted. In this paper we suggest a novel authentication system which meets both the requirements of security and usability. For that purpose, we have analyzed existing authentication methods as well as targeting attacks. The resulting Android application SecureLock is a generic authentication system, which offers PIN and password, but also a property-based authentication method by means of NFC tags, and a novel image-based method called GesturePuzzle. The application has been evaluated and compared with other approaches for security and usability.

Original language	English
Title of host publication	MoMM2012, 10th International Conference on Advances in Mobile Computing & Multimedia, Bali, Indonesia, 3-5 December, 2012.
Number of pages	10
Publication status	Published - Dec 2012

Fields of science

102 Computer Sciences
102009 Computer simulation
102015 Information systems
102026 Virtual reality
102027 Web engineering
202022 Information technology
502050 Business informatics

JKU Focus areas

Computation in Informatics and Mathematics

IT Security
Pomberger, G. (PI) & Sametinger, J. (PI)
01.01.2009 → 31.12.2026
Project: Other › Project from scientific scope of research unit
Software Security
Sametinger, J. (PI)
01.01.2009 → 31.12.2026
Project: Other › Project from scientific scope of research unit

Cite this

@inproceedings{c136ce3de77c43cbb340387c47a46c17,

title = "Secure and Usable Authentication on Mobile Devices",

abstract = "Mobile devices contain a multitude of sensitive data and provide access to even more data as well as services somewhere on the Internet. Even if only temporarily in the hands of non-entitled persons, privacy is at stake. Authentication protects against unauthorized usage. Today{\textquoteright}s operating systems of mobile devices offer authentication mechanisms. However, they are either vulnerable in some situations or not user friendly enough to be widely adopted. In this paper we suggest a novel authentication system which meets both the requirements of security and usability. For that purpose, we have analyzed existing authentication methods as well as targeting attacks. The resulting Android application SecureLock is a generic authentication system, which offers PIN and password, but also a property-based authentication method by means of NFC tags, and a novel image-based method called GesturePuzzle. The application has been evaluated and compared with other approaches for security and usability.",

author = "Roland Schl{\"o}glhofer and Johannes Sametinger",

year = "2012",

month = dec,

language = "English",

booktitle = "MoMM2012, 10th International Conference on Advances in Mobile Computing \& Multimedia, Bali, Indonesia, 3-5 December, 2012.",

}

TY - GEN

T1 - Secure and Usable Authentication on Mobile Devices

AU - Schlöglhofer, Roland

AU - Sametinger, Johannes

PY - 2012/12

Y1 - 2012/12

N2 - Mobile devices contain a multitude of sensitive data and provide access to even more data as well as services somewhere on the Internet. Even if only temporarily in the hands of non-entitled persons, privacy is at stake. Authentication protects against unauthorized usage. Today’s operating systems of mobile devices offer authentication mechanisms. However, they are either vulnerable in some situations or not user friendly enough to be widely adopted. In this paper we suggest a novel authentication system which meets both the requirements of security and usability. For that purpose, we have analyzed existing authentication methods as well as targeting attacks. The resulting Android application SecureLock is a generic authentication system, which offers PIN and password, but also a property-based authentication method by means of NFC tags, and a novel image-based method called GesturePuzzle. The application has been evaluated and compared with other approaches for security and usability.

AB - Mobile devices contain a multitude of sensitive data and provide access to even more data as well as services somewhere on the Internet. Even if only temporarily in the hands of non-entitled persons, privacy is at stake. Authentication protects against unauthorized usage. Today’s operating systems of mobile devices offer authentication mechanisms. However, they are either vulnerable in some situations or not user friendly enough to be widely adopted. In this paper we suggest a novel authentication system which meets both the requirements of security and usability. For that purpose, we have analyzed existing authentication methods as well as targeting attacks. The resulting Android application SecureLock is a generic authentication system, which offers PIN and password, but also a property-based authentication method by means of NFC tags, and a novel image-based method called GesturePuzzle. The application has been evaluated and compared with other approaches for security and usability.

M3 - Conference proceedings

BT - MoMM2012, 10th International Conference on Advances in Mobile Computing & Multimedia, Bali, Indonesia, 3-5 December, 2012.

ER -

Secure and Usable Authentication on Mobile Devices

Abstract

Fields of science

JKU Focus areas

Projects

IT Security

Software Security

Cite this