Abstract

Existing sustainable IT services have several problems related to user authentication such as the inefficiency of managing the system security, low security, and low usability. In this paper, we propose a Fast IDentity Online (FIDO) authenticator that performs continuous authentication with implicit authentication based on user context and multimodal authentication. The proposed FIDO authenticator, a context-aware multimodal FIDO authentication (CAMFA) method, combines information such as the user context, state of the mobile device, and user biometrics, then applies implicit and explicit authentication methods to meet the level of authentication required by the service provider. This reduces the user’s explicit authentication burden and continually authenticates users at risk during the session. Moreover, it is able to respond to attacks such as the theft of the authentication method or session hijacking. To study the effectiveness of CAMFA, we ran a user study by collecting data from 22 participants over 42 days of activity on a practical Android platform. The result of the user study demonstrates that the number of explicit authentication requests could be reduced by half. Based on the results of this study, an advanced user authentication that provides multimodal and continuous authentication could be applied to sustainable IT services.

Highlights

  • User authentication is one of the most important issues in sustainable IT services; it is an essential procedure for verifying the identity of entities accessing the system

  • In order to solve the limitations of user authentication, we propose a context-aware multimodal Fast IDentity Online (FIDO) authentication (CAMFA) method as a form of FIDO authenticator

  • Existing sustainable IT services have several problems related to user authentication such as the inefficiency of managing the system security, low security, and low usability


Summary

Introduction

User authentication is one of the most important issues in sustainable IT services; it is an essential procedure for verifying the identity of entities accessing the system. Authentication methods such as passwords and biometrics are applied to satisfy the security requirements of the system. This approach has three limitations that hinder sustainable IT services. There is the burden of establishing each user authentication function and the inefficiency of managing system security. In order to use a confidential service, the user must perform troublesome authentication procedures every time
