Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions
Abstract
This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages.
Cite
@article{arxiv.1802.07231,
title = {Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions},
author = {Mustafa A. Mustafa and Aysajan Abidin and Enrique Argones Rúa},
journal= {arXiv preprint arXiv:1802.07231},
year = {2018}
}
Comments
published at the 11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017)