Bibliographic record number: 645110
Knowledge based authentication requirements
Knowledge based authentication requirements // MIPRO 2012 International Convention Opatija
Opatija, Croatia, 2013, pp. 1116-1120 (lecture, international peer review, full paper (in extenso), scientific)
CROSBI ID: 645110
Title
Knowledge based authentication requirements
Authors
Skračić, Kristian ; Pale, Predrag ; Jeren, Branko
Type, subtype and category of work
Papers in conference proceedings, full paper (in extenso), scientific
Conference
MIPRO 2012 International Convention Opatija
Place and date
Opatija, Croatia, 20.05.2013 - 24.05.2013
Type of participation
Lecture
Type of review
International peer review
Keywords
user authentication; authentication requirements; evaluation criteria
Abstract
Published evaluation criteria for knowledge based authentication (KBA) methods do not provide a sufficiently formed framework to use as a guideline during design and testing of KBA methods and tools. The aim of this paper is to define a set of requirements for creating a secure user authentication method based on the user's knowledge. The requirements address four issues in user authentication. The first refers to eavesdropping an authentication session and using the intercepted information in the next session. By repeating the recorded response an attacker should not be able to authenticate himself as a legitimate user. The second issue is the ability to predict an authentication challenge by analyzing previous challenges. If an attacker can record a set of challenges over a long period, he should not be able to learn the next challenge beforehand. The third issue is the guessability of correct responses to authentication challenges. In general, multiple sources of information about the user are available to an attacker. The correct response to a challenge should not be obvious from such sources. The fourth issue is the authentication server's vulnerability. By this any information system component that is used to authenticate users is meant. If an attacker manages to gain partial or complete access to the authentication server and its data, the user's digital identity should not be compromised. These four requirements are proposed as a generic checklist against which KBA methods and tools should be checked.
Original language
English
Scientific fields
Computing
AFFILIATION OF THE WORK
Institutions:
Fakultet elektrotehnike i računarstva, Zagreb