Balancing Security and Usability of Local Security Mechanisms for Mobile Devices

Yang, Shuzhe; Bal, Gökhan

doi:10.1007/978-3-642-30436-1_27

Cited by 6 publications

(3 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Each confidentiality mechanism may impede or even be mutually exclusive with some functionality; such trade-offs are indeed common [66]. Following [15], we extend our analysis to include usability (for users) and adoptability (for providers).…”

Section: Criteria For Evaluationmentioning

confidence: 99%

SoK: Cryptographic Confidentiality of Data on Mobile Devices

Zinkus

Jois

Green

2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Mobile devices have become an indispensable component of modern life. Their high storage capacity gives these devices the capability to store vast amounts of sensitive personal data, which makes them a high-value target: these devices are routinely stolen by criminals for data theft, and are increasingly viewed by law enforcement agencies as a valuable source of forensic data. Over the past several years, providers have deployed a number of advanced cryptographic features intended to protect data on mobile devices, even in the strong setting where an attacker has physical access to a device. Many of these techniques draw from the research literature, but have been adapted to this entirely new problem setting. This involves a number of novel challenges, which are incompletely addressed in the literature. In this work, we outline those challenges, and systematize the known approaches to securing user data against extraction attacks. Our work proposes a methodology that researchers can use to analyze cryptographic data confidentiality for mobile devices. We evaluate the existing literature for securing devices against data extraction adversaries with powerful capabilities including access to devices and to the cloud services they rely on. We then analyze existing mobile device confidentiality measures to identify research areas that have not received proper attention from the community and represent opportunities for future research.

show abstract

Section: Criteria For Evaluationmentioning

confidence: 99%

SoK: Cryptographic Confidentiality of Data on Mobile Devices

Zinkus

Jois

Green

2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…Furthermore, it is difficult to confirm that the demand authentication data is from the rightful owner with just matching the letters of the password [20]. Password is a single factor authentication technique if used alone and can be merged with other techniques to perform multi-factor authentication techniques as will be declared next.…”

Section: Knowledge-based Authentication Techniquesmentioning

confidence: 99%

Biometric-based Authentication Techniques for Securing Cloud Computing Data - A Survey

Asmaa¹,

Hala²,

Mostafa-Sami³

2018

IJCA

View full text Add to dashboard Cite

Cloud Computing is the most growing paradigm for delivering computational resources as a service over the internet. By 2018, many different enterprises have adopted this utility-based computing for reducing the operational and capital expenditure of building their infrastructure network, buying software licenses, hiring IT teams and other requirements. With this unlimited growth of using cloud services and the multi-tenancy nature of sharing cloud service instance between different consumers and enterprises, securing accessing to the data of the cloud became a major issue. Traditional authentication techniques and credentials does not provide enough security against the modern means of attacks. So, new biometric-based authentication techniques have been discovered to overcome the loop holes. Here we present a comprehensive survey on the existing user's authentication techniques especially biometric-based techniques used for accessing cloud data.

show abstract

“…PIN is adopted as the only security mechanism for mobile devices. It is obvious that, PIN (something the user knows) is not very secure mechanism for authenticating users because of its limitation, as well as it is difficult to confirm that the demand is from the rightful owner [17,44].…”

Section: Introductionmentioning

confidence: 99%

Keystroke Dynamic Authentication in Mobile Cloud Computing

Babaeizadeh¹,

Bakhtiari²,

Maarof³

2014

IJCA

View full text Add to dashboard Cite

One of the important challenges in Mobile Cloud Computing (MCC) is related to the authentication of users. There is increasing demand for suitable authentication method for accessing to the shared information via the Internet through Cloud Service Provider (CSP). Personal identification number is the most common mechanism for authentication in mobile devices; however it is not secure way for authenticating users. This work presents a method of authentication which able to identify users based on Keystroke Dynamic Authentication (KDA). Furthermore, keystrokes duration is considered as an attribute for measuring keystrokes of mobile's users. This paper proposed strong method of authentication in the password authentication scheme by combining it with keystroke authentication, which is a type of behavioral biometric mechanism. Experimental results show, the proposed method can work 97.014% correctly, due to the keystroke duration of each user depends on their behavioral characteristic and it can be measured up to milliseconds. On the other hand, if unauthorized person knows the username and password of legal user can not gain access rights because of difference between their keystroke duration. Therefore, it is hard for an attacker to pretend as an owner, and this method enhances the security of authentication in MCC

show abstract

Balancing Security and Usability of Local Security Mechanisms for Mobile Devices

Cited by 6 publications

References 12 publications

SoK: Cryptographic Confidentiality of Data on Mobile Devices

SoK: Cryptographic Confidentiality of Data on Mobile Devices

Biometric-based Authentication Techniques for Securing Cloud Computing Data - A Survey

Keystroke Dynamic Authentication in Mobile Cloud Computing

Contact Info

Product

Resources

About