Abstract
In many situations, it is of interest for authentication systems to adapt to context (e.g., when the user’s behavior differs from the previous behavior). Hence, representing the context with appropriate and well-designed models is crucial. We provide a comprehensive overview and analysis of research work on Context Modelling for Adaptive Authentication systems (CM4AA). To this end, we pursue three goals based on the Systematic Mapping Study (SMS) and Systematic Literature Review (SLR) research methodologies. We first present a SMS to structure the research area of CM4AA (goal 1). We complement the SMS with an SLR to gather and synthesise evidence about context information and its modelling for adaptive authentication systems (goal 2). From the knowledge gained from goal 2, we determine the desired properties of the context information model and its use for adaptive authentication systems (goal 3). Motivated to find out how to model context information for adaptive authentication, we provide a structured survey of the literature to date on CM4AA and a classification of existing proposals according to several analysis metrics. We demonstrate the ability of capturing a common set of contextual features that are relevant for adaptive authentication systems independent from the application domain. We emphasise that despite the possibility of a unified framework, no standard for CM4AA exists.
- [1] . 2012. A framework for dynamic validation of context-aware applications. In IEEE 15th International Conference on Computational Science and Engineering. 532–539.
DOI: Google ScholarDigital Library
- [2] . 2017. Study on access control approaches in the context of internet of things: A survey. In International Conference on Engineering and Technology (ICET). IEEE, 1–7.Google Scholar
Cross Ref
- [3] . 2021. A lightweight cyber security framework with context-awareness for pervasive computing environments. Sustain. Cit. Societ. 66 (2021), 102610.Google Scholar
Cross Ref
- [4] . 2017. On the design of distributed adaptive authentication systems. Open Access Media 5 (2017), 12–14.Google Scholar
- [5] . 2019. A survey on adaptive authentication. ACM Comput. Surv. 52, 4 (2019), 1–30.Google Scholar
Digital Library
- [6] . 2013. Adaptive authentication: Issues and challenges. In World Congress on Computer and Information Technology (WCCIT). IEEE, 1–6.Google Scholar
- [7] . 2017. A survey of techniques for the identification of mobile phones using the physical fingerprints of the built-in components. IEEE Commun. Surv. Tutor. 19, 3 (2017), 1761–1789.Google Scholar
Digital Library
- [8] . 2019. Models@ run.time: A guided tour of the state of the art and research challenges. Softw. Syst. Model. 18, 5 (2019), 3049–3082.Google Scholar
Digital Library
- [9] . 2019. Access control in the internet of things: A survey of existing approaches and open research questions. Ann. Telecommun. 74 (
03 2019).DOI: Google ScholarCross Ref
- [10] . 2012. A multiple watermarks algorithm for image content authentication. J. Centr. South Univ. 19, 10 (2012), 2866–2874.Google Scholar
Cross Ref
- [11] . 2020. Design and implementation on EMBA authentication models. In IEEE VLSI Device Circuit and System (VLSI DCS). IEEE, 283–288.
DOI: Google ScholarCross Ref
- [12] . 2001. Understanding and using context. Person. Ubiq. Comput. 5, 1 (2001), 4–7.Google Scholar
Digital Library
- [13] . 2018. Digital identity: The current state of affairs. BBVA Res. 1, 0 (2018), 1–46.Google Scholar
- [14] . 2013. IT-Sicherheit: Konzepte-Verfahren-Protokolle. Walter de Gruyter, Germany.Google Scholar
Cross Ref
- [15] . 2017. Finger Knuckle Print and Palmprint for Efficient Person Recognition. Ph.D. Dissertation. Northumbria University, Northumbria.Google Scholar
- [16] . 2011. Towards an open framework for mobile digital identity management through strong authentication methods. In FTRA International Conference on Secure and Trust Computing, Data Management, and Application. Springer, na, 56–63.Google Scholar
Cross Ref
- [17] . 2016. Who are you? A statistical approach to measuring user authenticity. In 23rd Annual Network & Distributed System Security Symposium (NDSS). 21–24.Google Scholar
- [18] . 2020. A security approach to build a trustworthy ubiquitous learning system. In IEEE Bangalore Humanitarian Technology Conference (B-HTC). IEEE, 1–6.Google Scholar
- [19] . 2015. Context-aware authentication for the internet of things. In 11th International Conference on Autonomic and Autonomous Systems. IEEE, 134–139.Google Scholar
- [20] . 2019. CORMORANT: Ubiquitous risk-aware multi-modal biometric authentication across mobile devices. Proc. ACM on Interact., Mob., Wear. Ubiq. Technol. 3, 3 (2019), 1–23.Google Scholar
Digital Library
- [21] . 2013. A review on authentication methods. Austral. J. Basic Appl. Sci. 7, 5 (2013), 95–107.Google Scholar
- [22] . 2009. Towards shrink-wrapped security: A taxonomy of security-relevant context. In IEEE International Conference on Pervasive Computing and Communications. IEEE, 1–2.Google Scholar
Digital Library
- [23] . 2020. A survey of context-aware access control mechanisms for cloud and fog networks: Taxonomy and open research issues. Sensors 20, 9 (2020), 2464.Google Scholar
Cross Ref
- [24] . 2020. Trust management in social internet of things: Architectures, recent advancements and future challenges. IEEE Internet Things J. 8, 10 (2020), 7768–7788.Google Scholar
Cross Ref
- [25] . 2012. Human identity verification using multispectral palmprint fusion. J. Sig. Inf. Process. 3, 2 (2012), 263–273.Google Scholar
- [26] . 2021. Palm print recognition using 2D Fourier transformation and integration function. (2021). Google Scholar
Cross Ref
- [27] . 2017. Continuous user authentication via unlabeled phone movement patterns. In IEEE International Joint Conference on Biometrics (IJCB). IEEE, 177–184.Google Scholar
Digital Library
- [28] . 2016. A review of authentication methods. Vol 5 (2016), 246–249. http://hozir.org/pars_docs/refs/619/618479/618479.pdf.Google Scholar
- [29] . 2011. A context-aware recommendation system to behavioral based authentication in mobile and pervasive environments. In IFIP 9th International Conference on Embedded and Ubiquitous Computing. IEEE, 312–319.Google Scholar
Digital Library
- [30] . 2021. Exploring Deep Learning for Joint Audio-Visual Lip Biometrics. (2021). Google Scholar
Cross Ref
- [31] . 2018. Using Blockchain to Build Decentralized Access Control in a Peer-to-peer E-learning Platform. Ph.D. Dissertation. University of Saskatchewan, Saskatchewan.Google Scholar
- [32] . 2018. Handbook of Applied Cryptography. CRC Press.Google Scholar
- [33] . 2018. Revisiting context-based authentication in IoT. In 55th Annual Design Automation Conference. 1–6.Google Scholar
Digital Library
- [34] . 2016. Intruder detector: A continuous authentication tool to model user behavior. In IEEE Conference on Intelligence and Security Informatics (ISI). IEEE, 286–291.Google Scholar
Digital Library
- [35] . 2011. Biometrics verification: A literature survey. Int. J. Comput. ICT Res. 5, 2 (2011), 67–80.Google Scholar
- [36] . 2019. A context-aware authentication approach for smartphones. In International Conference on Computer and Information Sciences (ICCIS). IEEE, 1–5.Google Scholar
Cross Ref
- [37] . 2017. Situation awareness in the internet of things. In International Conference on Engineering, Technology and Innovation (ICE/ITMC). IEEE, 982–990.Google Scholar
Cross Ref
- [38] . 2016. Learning human identity from motion patterns. IEEE Access 4 (2016), 1810–1820.Google Scholar
Cross Ref
- [39] . 2018. Modeling identity for the internet of things: Survey, classification and trends. In 12th International Conference on Sensing Technology (ICST). ICST, 45–51.
DOI: Google ScholarCross Ref
- [40] . 2015. A multimodal biometric system based on palmprint and finger knuckle print recognition methods.Int. Arab J. Inf. Technol. 12, 2 (2015), 118–128.Google Scholar
- [41] . 2008. Systematic mapping studies in software engineering. In 12th International Conference on Evaluation and Assessment in Software Engineering (EASE). 1–10.Google Scholar
Cross Ref
- [42] . 2015. Guidelines for conducting systematic mapping studies in software engineering: An update. Inf. Softw. Technol. 64 (2015), 1–18.Google Scholar
Digital Library
- [43] . 2015. Adaptive approaches for keystroke dynamics. In International Joint Conference on Neural Networks (IJCNN). IJCNN, 1–8.
DOI: Google ScholarCross Ref
- [44] . 2020. Vein pattern verification and identification based on local geometric invariants constructed from minutia points and augmented with barcoded local feature. Appl. Sci. 10, 9 (2020), 3192.Google Scholar
Cross Ref
- [45] . 1980. An algorithm for suffix stripping. Program 14, 3 (1980), 130–137.Google Scholar
Cross Ref
- [46] . 2015. PRISM: Policy-driven risk-based implicit locking for improving the security of mobile end-user devices. In 13th International Conference on Advances in Mobile Computing and Multimedia. ACM, 365–374.Google Scholar
Digital Library
- [47] . 2012. Progressive authentication: Deciding when to authenticate on mobile phones. In 21st USENIX Security Symposium (USENIX Security’12). 301–316.Google Scholar
- [48] . 2014. On continuous user authentication via typing behavior. IEEE Trans. Image Process. 23, 10 (2014), 4611–4624.Google Scholar
Cross Ref
- [49] . 2011. Characterization of palmprint using discrete orthonormal s-transform. In International Conference on Hand-based Biometrics. IEEE, 1–6.Google Scholar
Cross Ref
- [50] . 2014. A context-based user authentication scheme for ubiquitous services. In World Congress on Engineering and Computer Science.Google Scholar
- [51] . 2018. Sensor-based proximity detection in the face of active adversaries. IEEE Trans. Mob. Comput. 18, 2 (2018), 444–457.Google Scholar
Digital Library
- [52] . 2019. Risk-based static authentication in web applications with behavioral biometrics and session context analytics. In International Conference on Applied Cryptography and Network Security. Springer, 3–23.Google Scholar
Digital Library
- [53] . 2017. Ranking semantic web authorization systems. Semant. Web 8 1, 5 (2017), 570–0844.Google Scholar
- [54] . 2021. Uncertainty representation in software models: A survey. Softw. Syst. Model. 20, 4 (2021), 1–31.Google Scholar
- [55] . 2014. Comparing and fusing different sensor modalities for relay attack resistance in zero-interaction authentication. In IEEE International Conference on Pervasive Computing and Communications (PerCom). IEEE, 163–171.
DOI: Google ScholarCross Ref
- [56] . 2019. Is this really you? An empirical study on risk-based authentication applied in the wild. In IFIP International Conference on ICT Systems Security and Privacy Protection. Springer, 134–148.Google Scholar
Cross Ref
- [57] . 2013. Context-aware mobile biometric authentication based on support vector machines. In 4th International Conference on Emerging Security Technologies. IEEE, 29–32.Google Scholar
Digital Library
Index Terms
On Understanding Context Modelling for Adaptive Authentication Systems
Recommendations
A Survey on Adaptive Authentication
Adaptive Authentication allows a system to dynamically select the best mechanism(s) for authenticating a user depending on contextual factors, such as location, proximity to devices, and other attributes. Though this technology has the potential to ...
Context Distribution System through brokers and simple APIs
In order to allow fast and efficient development, deployment, and management of Context Aware Services (CASs), a global system that allows the services to gain access to context information should be created, maintained, and managed. In this paper, we ...
A Context Quality Model for Ubiquitous Applications
NPC '07: Proceedings of the 2007 IFIP International Conference on Network and Parallel Computing WorkshopsQuality of Context (QoC) is critical in context reasoning, context refining, security policy configuring, etc. Many researches have been presented to model context and its quality by quantifying QoC-parameters. However, these quality models emphasis on ...






Comments