A STUDY IN AUTHENTICATION VIA ELECTRONIC PERSONAL HISTORY QUESTIONS

Ann Nosseir; Sotirios Terzis

doi:10.5220/0002908000630070

A STUDY IN AUTHENTICATION VIA ELECTRONIC PERSONAL HISTORY QUESTIONS

Ann Nosseir, Sotirios Terzis

2010

Abstract

Authentication via electronic personal history questions is a novel technique that aims to enhance question-based authentication. This paper presents a study that is part of a wider investigation into the feasibility of the technique. The study used academic personal web site data as a source of personal history information, and studied the effect of using an image-based representation of questions about personal history events. It followed a methodology that assessed the impact on both genuine users and attackers, and provides a deeper insight into their behaviour. From an authentication point of view, the study concluded that (a) an image-based representation of questions is certainly beneficial; (b) a small increase in the number of distracters/options used in closed questions has a positive effect; and (c) despite the closeness of the attackers their ability to answer correctly with high confidence questions about the genuine users’ personal history is limited. These results are encouraging for the feasibility of the technique.

Download

Paper Citation

in Harvard Style

Nosseir A. and Terzis S. (2010). A STUDY IN AUTHENTICATION VIA ELECTRONIC PERSONAL HISTORY QUESTIONS . In Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 5: ICEIS, ISBN 978-989-8425-08-9, pages 63-70. DOI: 10.5220/0002908000630070

in Bibtex Style

@conference{iceis10,
author={Ann Nosseir and Sotirios Terzis},
title={A STUDY IN AUTHENTICATION VIA ELECTRONIC PERSONAL HISTORY QUESTIONS},
booktitle={Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 5: ICEIS,},
year={2010},
pages={63-70},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002908000630070},
isbn={978-989-8425-08-9},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 5: ICEIS,
TI - A STUDY IN AUTHENTICATION VIA ELECTRONIC PERSONAL HISTORY QUESTIONS
SN - 978-989-8425-08-9
AU - Nosseir A.
AU - Terzis S.
PY - 2010
SP - 63
EP - 70
DO - 10.5220/0002908000630070