CASA: Context-Aware Scalable Authentication, at SOUPS 2013
Download as PPT, PDF0 likes263 views
The document discusses the CASA (Context-Aware Scalable Authentication) framework designed to enhance user authentication by adjusting security measures based on contextual factors. Through a series of field studies, it evaluates the usability and security of varying authentication schemes across different environments, notably home and workplace. Results suggest that users prefer the system that minimizes the need for constant authentication, while still maintaining appropriate security levels, showing a balance between usability and security.
![Field Study #1
• Where do people log in to their phones?
• 32 participants
• 7 to 140 days
PPllaaccee MMeeaann TTiimmee [[%%]] MMeeaann AAccttiivvaattiioonn [[%%]]
1 (Home) 38.9 31.9
2 (Workplace) 18.7 28.9
Others 42.4 39.2](https://image.slidesharecdn.com/casa-soups2014-141012154335-conversion-gate01/85/CASA-Context-Aware-Scalable-Authentication-at-SOUPS-2013-57-320.jpg)
CASA: Context-Aware Scalable Authentication, at SOUPS 2013
- 1. CASA: Context-Aware Scalable Authentication Eiji Hayashi, Sauvik Das, Shahriyar Amini Jason Hong, Ian Oakley Human-Computer Interaction Institute Carnegie Mellon University
- 2. One Fits All? Devices require the same user authentication regardless of contexts
- 3. If Cost Too Much Stop using authentication system
- 4. A Few Could Fit All How can we choose security lock system for different situations? Do they provide better security and usability from users’ perspectives?
- 5. Context-Aware Scalable Authentication •Authenticate users using active factors and passive factors •Adjust an active factor based on passive factors •Quantitative way to choose an active factor
- 6. Prototype
- 7. Outline • Underlying Model • Feasibility Analysis (Field Study #1) • Prototype Evaluation (Field Study #2) • Security Analysis • Design Iteration (Field Study #3) • Conclusion
- 8. Outline • CASA Framework • Feasibility Analysis (Field Study #1) • Prototype Evaluation (Field Study #2) • Security Analysis • Design Iteration (Field Study #3) • Conclusion
- 11. Combining Multiple Factors The probability that a person is a legitimate user given a set of signals
- 12. Combining Multiple Factors The probability that a person is NOT a legitimate user given a set of signals
- 13. Combining Multiple Factors Weight that balances false positives and false negatives
- 14. Combining Multiple Factors Authenticate: A user is more likely to be a legitimate user
- 15. Combining Multiple Factors Reject: A user is less likely to be a legitimate user
- 17. Prototype Evaluation (Field Study #2)
- 18. Field Study #2 Test system that changes authentication schemes based on location
- 19. Choosing an Authentication Scheme Location Active Factor Home ? Workplace PIN Other Places ?
- 21. Compare Confidence Type PIN Be at workplace Type PIN Be at other place
- 24. Compare Confidence Type PIN Be at workplace Type Password Be at other place
- 26. Chosen Authentication Scheme Location Active Factor Home ? Workplace PIN Other Places Password
- 27. Two Conditions Location w/ PIN w/o PIN Home PIN None Workplace PIN None Other Places Password PIN
- 28. Screenshots
- 29. Field Study #2 • 32 participants • 18 to 40 years old (mean=24) • On their phones • For 2 weeks
- 30. Result: # of Activations Condition Home Workplace Other Places w/o PIN None 13.1 (1.4) None 2.5 (0.4) PIN 8.1 (1.1) w/ PIN PIN 24.5 (3.2) PIN 7.1 (1.0) Password 15.7 (2.0)
- 31. Result: # of Activations Condition Home Workplace Other Places w/o PIN 65.8% 34.2% w/ PIN 66.8% 33.2%
- 32. Result: User Feedback Condition Easy to understand Secure Prefer to use w/o PIN 5 4 3.5 w/ PIN 4 4 3
- 33. Quotes P3 said, “I don't normally use a security lock, but I would be much more inclined to use one if it didn't require constant unlocking.”
- 34. Quotes P5 said, “I like the system. It’s a great pain to type pin at home, because the nature of the phone, it goes to sleep quickly, then I have to type pin again, which is super annoying.”
- 35. Quotes P12 said, “Typing passwords to check text was annoying. I don't think I will use it.”
- 36. Appropriate Security Level Location Using PIN No Security Locks Home None Workplace Other Places PIN
- 37. Appropriate Security Level Location Using PIN No Security Locks Home PIN Workplace PIN Other Places PIN
- 38. Appropriate Security Level Location Using PIN No Security Locks Home PIN None Workplace PIN Other Places PIN
- 39. Appropriate Security Level Location Using PIN No Security Locks Home PIN None Workplace PIN None Other Places PIN None
- 40. Design Iteration (Field Study #3)
- 41. Design Iteration • Appropriate security level • Workplace is not as safe as home
- 42. Appropriate Security Level Location Active Factor Home None Workplace Other Places
- 43. Appropriate Security Level Location Active Factor Home None Workplace Other Places PIN
- 44. Workplace is not safe + No Active Factor Be at Home + No Active Factor Be at Workplace
- 45. Workplace is not safe + No Active Factor Be at Home + Type PIN Be at Workplace
- 46. Workplace is not safe + No Active Factor Be at Home No Active Factor + + Using Computer Be at Workplace
- 47. Active Factor Selection Location Active Factor Home None Workplace when using computers None Workplace when not using computers PIN Others PIN
- 48. Notification
- 49. Field Study #3 • 18 participants • 21 to 40 years old (mean=26.3) • On their phones and laptops • For 10 to 14 days
- 50. Result: At Workplace Grey: Computer not used Black: Computer used
- 51. Result: User Feedback Feature Easy to understand Useful Secure Prefer to use Location-based 5 4.5 4 4 Comp-based 4.5 4 3.5 3.5 Notification - 4 - 4
- 52. Quote • P17 said, “It is annoying to use security locks all the time, but whereas if I had such a system which requires pin only at unsecure places its usefulness adds more value when compared to the annoyance caused by it. So, I will definitely use it.”
- 53. Conclusion • Proposed a Naive Bayes framework to combine multiple factors to adjust active authentication schemes • The framework allowed us to choose active factor in a quantitative way • Field studies indicated that users preferred the proposed system
- 54. Backup
- 55. Feasibility Analysis (Field Study #1)
- 56. Location as a Signal • People have their own mobility patterns • Random people don’t have access to certain places
- 57. Field Study #1 • Where do people log in to their phones? • 32 participants • 7 to 140 days PPllaaccee MMeeaann TTiimmee [[%%]] MMeeaann AAccttiivvaattiioonn [[%%]] 1 (Home) 38.9 31.9 2 (Workplace) 18.7 28.9 Others 42.4 39.2
- 59. Security Analysis Condition Knowledge about target users Uninformed Informed Technical expertise Novice Uninformed Novice Informed Novice Expert Uninformed Expert Informed Expert
- 60. Security Analysis Condition Knowledge about target users Uninformed Informed Technical expertise Novice Uninformed Novice Informed Novice Expert Uninformed Expert Informed Expert Strangers •CASA is as strong as PIN/password
- 61. Security Analysis Condition Knowledge about target users Uninformed Informed Technical expertise Novice Uninformed Novice Informed Novice Expert Uninformed Expert Informed Expert Family members, Friends, Co-workers •Trusted people •However, users trust co-workers less
- 62. Security Analysis Condition Knowledge about target users Uninformed Informed Technical expertise Novice Uninformed Novice Informed Novice Expert Uninformed Expert Informed Expert Dedicated attackers •Rare, but difficult to prevent •Detection rather than prevention
- 64. Results: # of Activations Gray: w/ PIN Black: w/o PIN
- 66. Result: User Feedback Condition Easy to understand Secure Prefer to use w/o PIN 5 4 3.5 w/ PIN 4 4 3 3 4
Editor's Notes
- #3: Today, devices require the same authentication regardless of the contexts. for instance, when a phone is at user’s home and in a foreign country which the user has never been to, the phone always require a PIN to unlock. Because of this, we need to design authentication system to be secure even in the most risky case.
- #4: However, if security system costs too much, users simply stop using it. In the case of mobile phones, people stop using security lock. Actually, many existing work reported that about half of the users do not use security lock.
- #5: This clearly shows that the concept of one fits all does not work well. Then, a question is, do a few fit all? If we have a few security lock system, do they cover all situations? More specifically, How can we choose security lock system for different situations? Do they provide better security and usability for users? These are questions that we investigated in this work.
- #6: So, we propose context-aware scalable authentication In
- #7: And we tested the framework through filed studies with two rather simple implementations of the framework
- #17: I will come back to this term later in this presentation. Now, we can compare confidence levels given by different sets of signals. The next questions is what signal we should combine ----- Meeting Notes (7/9/13 13:09) ----- explain sign
- #19: In the second field study, we developed a authentication system that changes authentication schemes based on users’ locations. Then, we tested the system using users’ own phones for two weeks
- #20: Now, the question is what authentication schemes we have to use for different locations. For simplicity, we used three locations in our system. Home. workplace ad others. Also, we used three different authentication scheme, None, PIN and password. Finally, we used authentication at workplace as a standard.
- #21: Now, we come back to this equation.
- #22: We can compare confidence levels from different sets of signals. As an example, let’s compare a scenario where a person types correct PIN at workplace and a scenario where a person types correct PIN at other places.
- #23: the first terms in these equation denotes the confidence given by typing a correct PIN. These values can be calculated using entropies of PIN. The second term denotes the confidence given by being at certain locations these values were obtain in the first field study.
- #24: When we compare these two, the confidence in the second scenario is smaller than the first one. Intuitively, being at other place provide smaller confidence than being at workplace.
- #25: So, if we want the confidence level in the second scenario as high as the one in the first scenario, we have to change the authentication scheme. If a person types a correct password at other places,
- #26: it can provide higher confidence than the first scenario ----- Meeting Notes (7/9/13 13:09) ----- entropy
- #27: by repeating the process, we came up with the two sets of configurations.
- #28: by repeating the process, we came up with the two sets of configurations.
- #31: ----- Meeting Notes (7/9/13 13:09) ----- comparison between the first study
- #32: ----- Meeting Notes (7/9/13 13:09) ----- add take aways
- #33: Qualitative feedback? 10
- #38: ----- Meeting Notes (7/25/13 07:30) ----- fix
- #45: So, if we want the confidence level in the second scenario as high as the one in the first scenario, we have to change the authentication scheme. If a person types a correct password at other places,
- #46: So, if we want the confidence level in the second scenario as high as the one in the first scenario, we have to change the authentication scheme. If a person types a correct password at other places,
- #47: So, if we want the confidence level in the second scenario as high as the one in the first scenario, we have to change the authentication scheme. If a person types a correct password at other places,
- #50: ----- Meeting Notes (7/25/13 00:46) ----- laptop
- #54: ----- Meeting Notes (7/9/13 12:34) ----- location identification
- #57: We decided to start from a very simple and effective signal. That is location. Because people have their own mobility patterns, and random people don’t have access to users’ home or workplaces. We thought that location can provide strong confidence about a person’s identity
- #58: We conducted two field study to investigate our idea. In the first study, we investigated how much we could improve the usability of user authentication in our system. The results were very positive. 60% of the time, people log into their phones at home or workplace. ----- Meeting Notes (7/9/13 13:09) ----- definition of other places
- #60: We categorized attackers in a 2x2 grid.
- #66: logfrac{P(PIN|u=1)}{P(PIN|u=-1)}+logfrac{P(W|u=1)}{P(W|u=-1)}\ logfrac{P(A|u=1)}{P(A|u=-1)}+logfrac{P(H|u=1)}{P(H|u=-1)}
- #68: logfrac{P(PIN|u=1)}{P(PIN|u=-1)}+logfrac{P(W|u=1)}{P(W|u=-1)}\ logfrac{P(A|u=1)}{P(A|u=-1)}+logfrac{P(H|u=1)}{P(H|u=-1)}