Evaluation of a Risk-Based Management Method for Online Accounts

Akiyama, Takumi; Otani, Kazuya; Kakizaki, Yoshio; Sasaki, Ryo

doi:10.1109/cybersec.2015.19

Cited by 2 publications

(1 citation statement)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our method minimizes the number of passwords and the information leakage risk, and can reduce the number of passwords to approximately 30% -40%. For more details, please see [20].…”

Section: Example Executionmentioning

confidence: 99%

Online Accounts Management Method Using Risk-Based Approach

Kakizaki¹,

Akiyama²,

Otani³

et al. 2016

JCC

Self Cite

View full text Add to dashboard Cite

In this paper, we propose an online accounts management method that uses a riskbased approach to minimize any risk of personal information leakage, while permitting users to reuse passwords. The proposed method clusters some accounts to reduce the number of passwords a user has to remember. This is achieved without increasing the risk value of any leaked personal information because the clustered accounts have similar attributes. Further, the proposed method suppresses any increase in risk by optimizing the cluster even if the password is shared by numerous accounts, and can reduce the number of passwords to approximately 30%-40%. In evaluations conducted, 91% of participants accepted our method, indicating that it balances usability with security.

show abstract

“…Our method minimizes the number of passwords and the information leakage risk, and can reduce the number of passwords to approximately 30% -40%. For more details, please see [20].…”

Section: Example Executionmentioning

confidence: 99%

Online Accounts Management Method Using Risk-Based Approach

Kakizaki¹,

Akiyama²,

Otani³

et al. 2016

JCC

Self Cite

View full text Add to dashboard Cite

show abstract

Combining SABSA and Vis4Sec to the Process Framework IdMSecMan to Continuously Improve Identity Management Security in Heterogeneous ICT Infrastructures

2023

View full text Add to dashboard Cite

Identity management ensures that users have appropriate access to resources, such as ICT services and data. Thereby, identity management does not only identify, authenticate, and authorize individuals, but also the hardware devices and software applications which the users need for access. In consequence, identity management is an important element of information security management (ISM) and data governance. As ICT infrastructures are constantly changing, and new threats emerge, identity management has to be continuously improved, just like any other business process. In order to align the identity management process with business requirements, and provide a systematic approach supported by reporting and supporting visualizations, we apply Sherwood Applied Business Security Architecture (SABSA) and Visualization for Security (Vis4Sec) together in our approach, IdMSecMan (identity management security management). We first introduce IdMSecMan, before applying it to the central technical process activities of identification, authentication, and authorization. Our approach is underlined by a case study. Thereby, we, for example, see that enabling multi-factor authentication in organizations impacts other areas that may be overlooked without a structured approach. With IdMSecMan, we provide a process framework to align all decisions and to constantly improve identity management within organizations and inter-organizational collaborations.

show abstract

Evaluation of a Risk-Based Management Method for Online Accounts

Cited by 2 publications

References 1 publication

Online Accounts Management Method Using Risk-Based Approach

Online Accounts Management Method Using Risk-Based Approach

Combining SABSA and Vis4Sec to the Process Framework IdMSecMan to Continuously Improve Identity Management Security in Heterogeneous ICT Infrastructures

Contact Info

Product

Resources

About