Dartmouth College researchers have created the Bilateral Recurring Authentication Conducted Effortless (BRACE) system, an approach to computer security that continuously authenticates users while they are using a terminal and automatically logs them out when they leave or when someone else steps in to use the terminal.
"In this work, we focused on the de-authentication problem for desktop computers because we were motivated by associated problems faced by healthcare professionals in hospitals," says Dartmouth professor David Kotz.
BRACE users wear a bracelet with a built-in accelerometer, gyroscope, and radio on the dominant wrist. "We wanted to develop a method that does not require any hardware modification to existing devices and does not rely on a user's behavior," says Dartmouth researcher Shrirang Mare.
When a user interacts with a computer terminal, the bracelet records the user's wrist movement, processes it, and sends it to the terminal. The terminal then compares the wrist movement with the input it receives from the user via keyboard and mouse and confirms the continued presence of the user only if the input correlates.
During testing, BRACE performed continuous authentication with 85-percent accuracy in verifying the correct user and identified all adversaries within 11 seconds.
"It would be natural to extend BRACE to mobile devices such as smartphones or tablet computers, and we believe this is possible despite some different challenges," Kotz says.
From Dartmouth Now
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found