Zero-Interaction Authentication Method Doesn't Need Password For Secure Login

Moving beyond passwords for authentication when logging in to a system, an app, an online service was a long-time calling. Largely because of the increase in incidents of passwords getting hacked or stolen, getting rid of passwords and coming up with an even more effective and secure solution has been a challenge for the University of Alabama at Birmingham (UAB) has come up with a new mechanism called " zero-interaction authentication" that eliminates the need of passwords, is easy-to-use and provides secure login protection. Nitesh Saxena, Ph.D., associate professor in the Department of Computer and Information Science, who leads this research is working in collaboration with the University of Helsinki and Aalto University in Finland on this project.

The new method of zero-interaction authentication works a lot like the passive 'keyless entry' system that is becoming popular in cars. It lets user access a PC, tablet or a car without interacting with it. Using wireless channels such as Bluetooth, the system detects the user’s security token such as a mobile phone and then depending on it, verifies and grants access to the user. This works the same way as the BlueProximity app - that can be used for automatically locking and unlocking the screen when you and your phone leave/enter the desk.

passwords-not-needed-uab-researchers

Before we go on to label this new mechanism as a plain proximity detector, we have to consider the fact that the zero-interaction authentication in use today are vulnerable to relay attacks (also called "ghost-and-leech attacks"). These attacks normally have a hacker or ghost who authenticates to the terminal on behalf of the user by colluding with another hacker or leech, who is close to the user at another location.

To counter such attacks, the UAB research team studied two types of sensor modalities - First included four sensor modalities that are commonly present on devices: Wi-Fi, Bluetooth, GPS and audio and Second involved the capabilities of using ambient physical sensors as a proximity-detection mechanism and focused on four: ambient temperature, precision gas, humidity and altitude. The second method was clearly a winner. By employing multiple modality combinations, the researchers were successful in delivering a robust relay-attack defense as well as good usability.

password-not-needed-uab-research-2
What are your thoughts on zero-interaction authentication mechanism? Share with us in comments below.
Source: #-Link-Snipped-#

Replies

  • awasthi.nishant01
    awasthi.nishant01
    Idea is awesome but second approach doesn't seem to be explained much. If you can provide any link where the details of second approach can be found.
  • Ankita Katdare
    Ankita Katdare
    #-Link-Snipped-# Sure. You can study these two papers published by the UAB researchers -

    Comparing and Fusing Different Sensor Modalities for Relay Attack Resistance in Zero-Interaction Authentication
    #-Link-Snipped-#

    Drone to the Rescue: Relay-Resilient Authentication using Ambient Multi-Sensing
    #-Link-Snipped-#
  • Satya Swaroop Dash
    Satya Swaroop Dash
    The authentication method too many parameters to make sure it is foolproof but this also means investing more money for hardware. So is the cost of the hardware for this system worth the money ?
    To answer this question we have to find out what will its commercial equivalent cost ?.

You are reading an archived discussion.

Related Posts

An unflagging zeal for knowledge and love for bikes aptly describe our CEan @Vikram S Bargah . His contribution to CE has been great with his active involvement in discussions...
Imagine a good old house with roof tiles that help keeps the air around it safe to breath. A team of engineers from Bourns College of Engineering at University of...
Hi all First of all thank you to the administration team for such a nice platform for all of us..i would like to know few questions about core jobs as...
Samsung Electronics Co Ltd and Barnes & Noble Inc have now partnered to create co-branded tablet to revive latter's Nook business. This collaboration shall marry Samsung's hardware to Nook's software,...
HI i am a diploma student i want an creative IT project