Most authentication is done as a one-time procedure, before access to a protected resource is granted to the authorized user. For some situations, this one-time authentication may not be sufficient. A highly secure application may wish to guard against 'session hijacking', in which an unauthorized user forcibly takes over an authenticated login session after the legitimate user has successfully logged in. Continuous Authentication is thus necessary. A secure system must be able to, at any time, determine whether or not the authorized user is still the one using the system. Any change in the continued presence of the user, whether by his temporary absence, or by an imposter, must be quickly detected to avoid compromising security.
Continuous Authentication presents numerous challenges: (i) it must be done passively, since it would be impractical to keep interrupting the user to re-authenticate using traditional methods; (ii) it must have minimal computational overhead, as otherwise the system may be too slow to be usable; (iii) it must achieve low false accepts and false rejects; (iv) it must provide authentication certainty even when the user is not using the keyboard or mouse or other input devices.
This lecture will discuss these issues in depth, and explore techniques in which practical Continuous Authentication may be achieved. In particular, the choice of Soft Biometrics (defined as biometrics that, under normal circumstances, does not uniquely identify any particular person, eg. gender) instead of Hard Biometrics, may prove sufficient and efficient for Continuous Authentication. The ubiquity of smart mobile devices provides a new platform for Continuous Authentication to become more mainstream. [Go to the full record in the library's catalogue]
This video is presented here with the permission of the speakers.
Any downloading, storage, reproduction, and redistribution are strictly prohibited
without the prior permission of the respective speakers.
Go to Full Disclaimer.
Full Disclaimer
This video is archived and disseminated for educational purposes only. It is presented here with the permission of the speakers, who have mandated the means of dissemination.
Statements of fact and opinions expressed are those of the inditextual participants. The HKBU and its Library assume no responsibility for the accuracy, validity, or completeness of the information presented.
Any downloading, storage, reproduction, and redistribution, in part or in whole, are strictly prohibited without the prior permission of the respective speakers. Please strictly observe the copyright law.
