TOKEN: Trustable keystroke-based authentication for web-based applications on smartphones

9Citations
Citations of this article
42Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services. © 2010 Springer-Verlag Berlin Heidelberg.

Cite

CITATION STYLE

APA

Nauman, M., & Ali, T. (2010). TOKEN: Trustable keystroke-based authentication for web-based applications on smartphones. In Communications in Computer and Information Science (Vol. 76 CCIS, pp. 286–297). https://doi.org/10.1007/978-3-642-13365-7_28

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free