Skip to main content
main-content
Top

Hint

Swipe to navigate through the chapters of this book

2015 | OriginalPaper | Chapter

Design and Analysis of Shoulder Surfing Resistant PIN Based Authentication Mechanisms on Google Glass

Authors: Dhruv Kumar Yadav, Beatrice Ionascu, Sai Vamsi Krishna Ongole, Aditi Roy, Nasir Memon

Published in: Financial Cryptography and Data Security

Publisher: Springer Berlin Heidelberg

share
SHARE

Abstract

This paper explores options to the built-in authentication mechanism of the Google Glass which is vulnerable to shoulder surfing attacks. Two simple PIN-based authentication techniques are presented, both of which provide protection against shoulder surfing. The techniques employ two interfaces for entering the PIN, namely, voice (Voice-based PIN) and touchpad (Touch-based PIN). To enter the same PIN, user has the freedom to choose either technique and thereby interface, as per the environment in which authentication is being performed. A user study was conducted with 30 participants to compare the performance of the proposed methods with the built-in technique. The results show that the proposed mechanisms have a significantly better login success rate than the built-in technique. Interestingly, although the average authentication times of the proposed methods are higher than that of the built-in one, the users perceived them as being faster. The results also indicate that the proposed methods have better perceived security and usability than the built-in method. The study reveals that when it comes to authentication on augmented reality devices, there is a need for authentication mechanisms that complement each other as users tend to prefer a different interface in different contexts.
Literature
3.
go back to reference McNaney, R., Vines, J., Roggen, D., Balaam, M., Zhang, P., Poliakov, I., Olivier, P.: Exploring the acceptability of google glass as an everyday assistive device for people with parkinsons. In: Proceedings of CHI, pp. 2551–2554 (2014) McNaney, R., Vines, J., Roggen, D., Balaam, M., Zhang, P., Poliakov, I., Olivier, P.: Exploring the acceptability of google glass as an everyday assistive device for people with parkinsons. In: Proceedings of CHI, pp. 2551–2554 (2014)
4.
go back to reference Hernandez, J., Li, Y., Rehg, J. M., Picard, R. W.: BioGlass: physiological parameter estimation using a head-mounted wearable device. Accepted in Mobihealth Hernandez, J., Li, Y., Rehg, J. M., Picard, R. W.: BioGlass: physiological parameter estimation using a head-mounted wearable device. Accepted in Mobihealth
5.
go back to reference Ishimaru, S., Kunze, K., Kise, K., Weppner, J., Dengel, A., Lukowicz, P., Bulling, A.: In the blink of an eye: combining head motion and eye blink frequency for activity recognition with Google Glass. In: Proceedings of the Augmented Human International Conference, vol. 15 (2014) Ishimaru, S., Kunze, K., Kise, K., Weppner, J., Dengel, A., Lukowicz, P., Bulling, A.: In the blink of an eye: combining head motion and eye blink frequency for activity recognition with Google Glass. In: Proceedings of the Augmented Human International Conference, vol. 15 (2014)
6.
go back to reference Yus, R., Pappachan, P., Das, P. K., Mena, E., Joshi, A., Finin, T.: Demo: FaceBlock: privacy-aware pictures for google glass. In: Proceedings of International Conference on Mobile Systems, Applications, and Services, vol. 366 (2014) Yus, R., Pappachan, P., Das, P. K., Mena, E., Joshi, A., Finin, T.: Demo: FaceBlock: privacy-aware pictures for google glass. In: Proceedings of International Conference on Mobile Systems, Applications, and Services, vol. 366 (2014)
7.
go back to reference Egelman, S., Jain, S., Portnoff, R. S., Liao, K., Consolvo, S., Wagner, D.: Are you ready to lock? understanding user motivations for smartphone locking behaviors. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security (2014) Egelman, S., Jain, S., Portnoff, R. S., Liao, K., Consolvo, S., Wagner, D.: Are you ready to lock? understanding user motivations for smartphone locking behaviors. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security (2014)
8.
go back to reference Bailey, D. V., Drmuth, M., Paar, C.: “Typing” passwords withvoice recognition: how to authenticate to google glass. In: Proceedings ofthe Symposium on Usable Privacy and Security (2014) Bailey, D. V., Drmuth, M., Paar, C.: “Typing” passwords withvoice recognition: how to authenticate to google glass. In: Proceedings ofthe Symposium on Usable Privacy and Security (2014)
9.
go back to reference Rogers, J.: Please enter your four-digit pin. In: Financial Services Technology, U.S. Edition, vol. 4 (2007) Rogers, J.: Please enter your four-digit pin. In: Financial Services Technology, U.S. Edition, vol. 4 (2007)
10.
go back to reference Ratha, N.K., Chikkerur, S., Connell, J.H., Bolle, R.M.: Generating cancelable fingerprint templates. IEEE Trans. PAMI 29(4), 561–572 (2007) CrossRef Ratha, N.K., Chikkerur, S., Connell, J.H., Bolle, R.M.: Generating cancelable fingerprint templates. IEEE Trans. PAMI 29(4), 561–572 (2007) CrossRef
11.
go back to reference Weiss, R., De Luca, A.: PassShapes: utilizing stroke based authentication to increase password memorability. In: Proceedings of NordiCHI, pp. 383–392 (2008) Weiss, R., De Luca, A.: PassShapes: utilizing stroke based authentication to increase password memorability. In: Proceedings of NordiCHI, pp. 383–392 (2008)
12.
go back to reference Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: Proceedings of USENIX Security Symposium, vol. 13, pp. 1–14 (2004) Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: Proceedings of USENIX Security Symposium, vol. 13, pp. 1–14 (2004)
13.
go back to reference Birget, J.-C., Dawei, H., Memon, N.: Graphical passwords based on robust discretization. IEEE Trans. Inf. Forensics Secur. 1(3), 395–399 (2006) CrossRef Birget, J.-C., Dawei, H., Memon, N.: Graphical passwords based on robust discretization. IEEE Trans. Inf. Forensics Secur. 1(3), 395–399 (2006) CrossRef
14.
go back to reference Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of SSYM (1999) Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of SSYM (1999)
15.
go back to reference Dirik, A.E., Memon, N., Birget, J.C.: Modeling user choice in the PassPoints graphical password scheme. In: Proceedings of Usable Privacy and Security, pp. 20–28 (2007) Dirik, A.E., Memon, N., Birget, J.C.: Modeling user choice in the PassPoints graphical password scheme. In: Proceedings of Usable Privacy and Security, pp. 20–28 (2007)
17.
go back to reference Roth, V., Richter, K., Freidinger, R.: A pin-entry methodresilient against shoulder surfing. In: Proceedings of Conference on Computer and Communications Security, pp. 236–245 (2004) Roth, V., Richter, K., Freidinger, R.: A pin-entry methodresilient against shoulder surfing. In: Proceedings of Conference on Computer and Communications Security, pp. 236–245 (2004)
18.
go back to reference Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design andevaluation of a shoulder-surfing resistant graphical passwordscheme. In: Proceedings of Conference on Advanced Visual Interfaces, pp. 177–184(2006) Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design andevaluation of a shoulder-surfing resistant graphical passwordscheme. In: Proceedings of Conference on Advanced Visual Interfaces, pp. 177–184(2006)
19.
go back to reference Bianchi, A., Oakley, I., Kwon, D.S.: The secure haptic keypad: atactile password system. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1089–1092 (2010) Bianchi, A., Oakley, I., Kwon, D.S.: The secure haptic keypad: atactile password system. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1089–1092 (2010)
20.
go back to reference Kim, D., Dunphy, P., Briggs, P., Hook, J., Nicholson, J., Nicholson, J., Olivier, P.: Multi-touch authentication ontabletops. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1093–1102 (2010) Kim, D., Dunphy, P., Briggs, P., Hook, J., Nicholson, J., Nicholson, J., Olivier, P.: Multi-touch authentication ontabletops. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 1093–1102 (2010)
21.
go back to reference De Luca, A., von Zezschwitz, E., Hussmann, H.: Vibrapass: secureauthentication based on shared lies. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 913–916 (2009) De Luca, A., von Zezschwitz, E., Hussmann, H.: Vibrapass: secureauthentication based on shared lies. In: Proceedings of International Conference on Human Factors in Computing Systems, pp. 913–916 (2009)
22.
go back to reference De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touchme once and i know it’s you! Implicit authentication based ontouch screen patterns. In: Proceedings of International Conference on Human Factors in Computing Systems (2012) De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touchme once and i know it’s you! Implicit authentication based ontouch screen patterns. In: Proceedings of International Conference on Human Factors in Computing Systems (2012)
23.
go back to reference Sae-Bae, N., Memon, N.: Online signature verification on mobiledevices. IEEE Trans. Inf. Forensics Secur. 9(6), 947 (2014) Sae-Bae, N., Memon, N.: Online signature verification on mobiledevices. IEEE Trans. Inf. Forensics Secur. 9(6), 947 (2014)
24.
go back to reference Sae-Bae, N., Memon, N., Isbister, K., Ahmed, K.: Multitouch gesture-based authentication. IEEE Trans. Inf. Forensics Secur. 9(4), 568–582 (2014) CrossRef Sae-Bae, N., Memon, N., Isbister, K., Ahmed, K.: Multitouch gesture-based authentication. IEEE Trans. Inf. Forensics Secur. 9(4), 568–582 (2014) CrossRef
25.
go back to reference Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: a comprehensive security assessment. Secur. Priv. IEEE 8(2), 35–44 (2010) CrossRef Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: a comprehensive security assessment. Secur. Priv. IEEE 8(2), 35–44 (2010) CrossRef
26.
go back to reference Von Zezschwitz, E., Dunphy, P., De Luca, A.: Patterns in the wild: a field study of the usability of pattern and pin-based authentication on mobile devices. In: Proceedings of International Conference on Human-computer Interaction with Mobile Devices and Services, pp. 261–270 (2013) Von Zezschwitz, E., Dunphy, P., De Luca, A.: Patterns in the wild: a field study of the usability of pattern and pin-based authentication on mobile devices. In: Proceedings of International Conference on Human-computer Interaction with Mobile Devices and Services, pp. 261–270 (2013)
27.
go back to reference Brooke, J.: SUS: a quick and dirty usability scale, pp. 189–194. Taylor and Francis (1996) Brooke, J.: SUS: a quick and dirty usability scale, pp. 189–194. Taylor and Francis (1996)
28.
go back to reference Sauro, J.: Measuring usability with the System Usability Scale (SUS) (2011) Sauro, J.: Measuring usability with the System Usability Scale (SUS) (2011)
29.
go back to reference Bangor, A., Kortum, P.T., Miller, J.T.: An empirical evaluation of the system usability scale. Int. J. Hum. Comput. Interact. 24(6), 574–594 (2008) CrossRef Bangor, A., Kortum, P.T., Miller, J.T.: An empirical evaluation of the system usability scale. Int. J. Hum. Comput. Interact. 24(6), 574–594 (2008) CrossRef
Metadata
Title
Design and Analysis of Shoulder Surfing Resistant PIN Based Authentication Mechanisms on Google Glass
Authors
Dhruv Kumar Yadav
Beatrice Ionascu
Sai Vamsi Krishna Ongole
Aditi Roy
Nasir Memon
Copyright Year
2015
Publisher
Springer Berlin Heidelberg
DOI
https://doi.org/10.1007/978-3-662-48051-9_21

Premium Partner