Skip to main content

2015 | OriginalPaper | Buchkapitel

Design and Analysis of Shoulder Surfing Resistant PIN Based Authentication Mechanisms on Google Glass

verfasst von : Dhruv Kumar Yadav, Beatrice Ionascu, Sai Vamsi Krishna Ongole, Aditi Roy, Nasir Memon

Erschienen in: Financial Cryptography and Data Security

Verlag: Springer Berlin Heidelberg

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

This paper explores options to the built-in authentication mechanism of the Google Glass which is vulnerable to shoulder surfing attacks. Two simple PIN-based authentication techniques are presented, both of which provide protection against shoulder surfing. The techniques employ two interfaces for entering the PIN, namely, voice (Voice-based PIN) and touchpad (Touch-based PIN). To enter the same PIN, user has the freedom to choose either technique and thereby interface, as per the environment in which authentication is being performed. A user study was conducted with 30 participants to compare the performance of the proposed methods with the built-in technique. The results show that the proposed mechanisms have a significantly better login success rate than the built-in technique. Interestingly, although the average authentication times of the proposed methods are higher than that of the built-in one, the users perceived them as being faster. The results also indicate that the proposed methods have better perceived security and usability than the built-in method. The study reveals that when it comes to authentication on augmented reality devices, there is a need for authentication mechanisms that complement each other as users tend to prefer a different interface in different contexts.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
3.
Zurück zum Zitat McNaney, R., Vines, J., Roggen, D., Balaam, M., Zhang, P., Poliakov, I., Olivier, P.: Exploring the acceptability of google glass as an everyday assistive device for people with parkinsons. In: Proceedings of CHI, pp. 2551–2554 (2014) McNaney, R., Vines, J., Roggen, D., Balaam, M., Zhang, P., Poliakov, I., Olivier, P.: Exploring the acceptability of google glass as an everyday assistive device for people with parkinsons. In: Proceedings of CHI, pp. 2551–2554 (2014)
4.
Zurück zum Zitat Hernandez, J., Li, Y., Rehg, J. M., Picard, R. W.: BioGlass: physiological parameter estimation using a head-mounted wearable device. Accepted in Mobihealth Hernandez, J., Li, Y., Rehg, J. M., Picard, R. W.: BioGlass: physiological parameter estimation using a head-mounted wearable device. Accepted in Mobihealth
5.
Zurück zum Zitat Ishimaru, S., Kunze, K., Kise, K., Weppner, J., Dengel, A., Lukowicz, P., Bulling, A.: In the blink of an eye: combining head motion and eye blink frequency for activity recognition with Google Glass. In: Proceedings of the Augmented Human International Conference, vol. 15 (2014) Ishimaru, S., Kunze, K., Kise, K., Weppner, J., Dengel, A., Lukowicz, P., Bulling, A.: In the blink of an eye: combining head motion and eye blink frequency for activity recognition with Google Glass. In: Proceedings of the Augmented Human International Conference, vol. 15 (2014)
6.
Zurück zum Zitat Yus, R., Pappachan, P., Das, P. K., Mena, E., Joshi, A., Finin, T.: Demo: FaceBlock: privacy-aware pictures for google glass. In: Proceedings of International Conference on Mobile Systems, Applications, and Services, vol. 366 (2014) Yus, R., Pappachan, P., Das, P. K., Mena, E., Joshi, A., Finin, T.: Demo: FaceBlock: privacy-aware pictures for google glass. In: Proceedings of International Conference on Mobile Systems, Applications, and Services, vol. 366 (2014)
7.
Zurück zum Zitat Egelman, S., Jain, S., Portnoff, R. S., Liao, K., Consolvo, S., Wagner, D.: Are you ready to lock? understanding user motivations for smartphone locking behaviors. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security (2014) Egelman, S., Jain, S., Portnoff, R. S., Liao, K., Consolvo, S., Wagner, D.: Are you ready to lock? understanding user motivations for smartphone locking behaviors. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security (2014)
8.
Zurück zum Zitat Bailey, D. V., Drmuth, M., Paar, C.: “Typing” passwords withvoice recognition: how to authenticate to google glass. In: Proceedings ofthe Symposium on Usable Privacy and Security (2014) Bailey, D. V., Drmuth, M., Paar, C.: “Typing” passwords withvoice recognition: how to authenticate to google glass. In: Proceedings ofthe Symposium on Usable Privacy and Security (2014)
9.
Zurück zum Zitat Rogers, J.: Please enter your four-digit pin. In: Financial Services Technology, U.S. Edition, vol. 4 (2007) Rogers, J.: Please enter your four-digit pin. In: Financial Services Technology, U.S. Edition, vol. 4 (2007)
10.
Zurück zum Zitat Ratha, N.K., Chikkerur, S., Connell, J.H., Bolle, R.M.: Generating cancelable fingerprint templates. IEEE Trans. PAMI 29(4), 561–572 (2007)CrossRef Ratha, N.K., Chikkerur, S., Connell, J.H., Bolle, R.M.: Generating cancelable fingerprint templates. IEEE Trans. PAMI 29(4), 561–572 (2007)CrossRef
11.
Zurück zum Zitat Weiss, R., De Luca, A.: PassShapes: utilizing stroke based authentication to increase password memorability. In: Proceedings of NordiCHI, pp. 383–392 (2008) Weiss, R., De Luca, A.: PassShapes: utilizing stroke based authentication to increase password memorability. In: Proceedings of NordiCHI, pp. 383–392 (2008)
12.
Zurück zum Zitat Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: Proceedings of USENIX Security Symposium, vol. 13, pp. 1–14 (2004) Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: Proceedings of USENIX Security Symposium, vol. 13, pp. 1–14 (2004)
13.
Zurück zum Zitat Birget, J.-C., Dawei, H., Memon, N.: Graphical passwords based on robust discretization. IEEE Trans. Inf. Forensics Secur. 1(3), 395–399 (2006)CrossRef Birget, J.-C., Dawei, H., Memon, N.: Graphical passwords based on robust discretization. IEEE Trans. Inf. Forensics Secur. 1(3), 395–399 (2006)CrossRef
14.
Zurück zum Zitat Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of SSYM (1999) Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of SSYM (1999)
15.
Zurück zum Zitat Dirik, A.E., Memon, N., Birget, J.C.: Modeling user choice in the PassPoints graphical password scheme. In: Proceedings of Usable Privacy and Security, pp. 20–28 (2007) Dirik, A.E., Memon, N., Birget, J.C.: Modeling user choice in the PassPoints graphical password scheme. In: Proceedings of Usable Privacy and Security, pp. 20–28 (2007)
17.
Zurück zum Zitat Roth, V., Richter, K., Freidinger, R.: A pin-entry methodresilient against shoulder surfing. In: Proceedings of Conference on Computer and Communications Security, pp. 236–245 (2004) Roth, V., Richter, K., Freidinger, R.: A pin-entry methodresilient against shoulder surfing. In: Proceedings of Conference on Computer and Communications Security, pp. 236–245 (2004)
18.
Zurück zum Zitat Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design andevaluation of a shoulder-surfing resistant graphical passwordscheme. In: Proceedings of Conference on Advanced Visual Interfaces, pp. 177–184(2006) Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design andevaluation of a shoulder-surfing resistant graphical passwordscheme. In: Proceedings of Conference on Advanced Visual Interfaces, pp. 177–184(2006)
19.
Zurück zum Zitat Bianchi, A., Oakley, I., Kwon, D.S.: The secure haptic keypad: atactile password system. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1089–1092 (2010) Bianchi, A., Oakley, I., Kwon, D.S.: The secure haptic keypad: atactile password system. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1089–1092 (2010)
20.
Zurück zum Zitat Kim, D., Dunphy, P., Briggs, P., Hook, J., Nicholson, J., Nicholson, J., Olivier, P.: Multi-touch authentication ontabletops. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1093–1102 (2010) Kim, D., Dunphy, P., Briggs, P., Hook, J., Nicholson, J., Nicholson, J., Olivier, P.: Multi-touch authentication ontabletops. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1093–1102 (2010)
21.
Zurück zum Zitat De Luca, A., von Zezschwitz, E., Hussmann, H.: Vibrapass: secureauthentication based on shared lies. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 913–916 (2009) De Luca, A., von Zezschwitz, E., Hussmann, H.: Vibrapass: secureauthentication based on shared lies. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 913–916 (2009)
22.
Zurück zum Zitat De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touchme once and i know it’s you! Implicit authentication based ontouch screen patterns. In: Proceedings of International Conference on Human Factors in Computing Systems (2012) De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touchme once and i know it’s you! Implicit authentication based ontouch screen patterns. In: Proceedings of International Conference on Human Factors in Computing Systems (2012)
23.
Zurück zum Zitat Sae-Bae, N., Memon, N.: Online signature verification on mobiledevices. IEEE Trans. Inf. Forensics Secur. 9(6), 947 (2014) Sae-Bae, N., Memon, N.: Online signature verification on mobiledevices. IEEE Trans. Inf. Forensics Secur. 9(6), 947 (2014)
24.
Zurück zum Zitat Sae-Bae, N., Memon, N., Isbister, K., Ahmed, K.: Multitouch gesture-based authentication. IEEE Trans. Inf. Forensics Secur. 9(4), 568–582 (2014)CrossRef Sae-Bae, N., Memon, N., Isbister, K., Ahmed, K.: Multitouch gesture-based authentication. IEEE Trans. Inf. Forensics Secur. 9(4), 568–582 (2014)CrossRef
25.
Zurück zum Zitat Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: a comprehensive security assessment. Secur. Priv. IEEE 8(2), 35–44 (2010)CrossRef Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: a comprehensive security assessment. Secur. Priv. IEEE 8(2), 35–44 (2010)CrossRef
26.
Zurück zum Zitat Von Zezschwitz, E., Dunphy, P., De Luca, A.: Patterns in the wild: a field study of the usability of pattern and pin-based authentication on mobile devices. In: Proceedings of International Conference on Human-computer Interaction with Mobile Devices and Services, pp. 261–270 (2013) Von Zezschwitz, E., Dunphy, P., De Luca, A.: Patterns in the wild: a field study of the usability of pattern and pin-based authentication on mobile devices. In: Proceedings of International Conference on Human-computer Interaction with Mobile Devices and Services, pp. 261–270 (2013)
27.
Zurück zum Zitat Brooke, J.: SUS: a quick and dirty usability scale, pp. 189–194. Taylor and Francis (1996) Brooke, J.: SUS: a quick and dirty usability scale, pp. 189–194. Taylor and Francis (1996)
28.
Zurück zum Zitat Sauro, J.: Measuring usability with the System Usability Scale (SUS) (2011) Sauro, J.: Measuring usability with the System Usability Scale (SUS) (2011)
29.
Zurück zum Zitat Bangor, A., Kortum, P.T., Miller, J.T.: An empirical evaluation of the system usability scale. Int. J. Hum. Comput. Interact. 24(6), 574–594 (2008)CrossRef Bangor, A., Kortum, P.T., Miller, J.T.: An empirical evaluation of the system usability scale. Int. J. Hum. Comput. Interact. 24(6), 574–594 (2008)CrossRef
Metadaten
Titel
Design and Analysis of Shoulder Surfing Resistant PIN Based Authentication Mechanisms on Google Glass
verfasst von
Dhruv Kumar Yadav
Beatrice Ionascu
Sai Vamsi Krishna Ongole
Aditi Roy
Nasir Memon
Copyright-Jahr
2015
Verlag
Springer Berlin Heidelberg
DOI
https://doi.org/10.1007/978-3-662-48051-9_21