Skip to main content
SpringerLink
Log in

Context Sensitive Adaptive Authentication

  • Conference paper
Smart Sensing and Context (EuroSSC 2007)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 4793))

Included in the following conference series:

Abstract

We exploit the ability to sense and use context information to augment or replace the traditional static security measures by making them more adaptable to a given context and thereby less intrusive. We demonstrate that by fusing location information obtained from various sources that are associated to the user and are available over time, the confidence in the identity of the user can be increased considerably. In fact, the level of confidence in the identity of the user is related to the probability that the user is at a certain location. This probability is used as a measure to parameterize the authentication level of the user making it thereby much more adaptive to changing situational circumstances. In this paper we describe the theoretical background for a context-sensitive adaptation of authentication and the design and validation of the system that we have developed to adaptively authenticate a user on the basis of the location of his sensed identity tokens.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Schneck, P.A., Schwan, K.: Dynamic Authentication for High-Performance Networked Applications. In: IWQoS 1998. Proc. of the 6th International Workshop on Quality of Service, Napa, California, USA, pp. 127–136 (1998)

    Google Scholar 

  2. Ryutov, T., Zhou, R., Neumann, C., Leithead, T., Seamons, K.E.: Adaptive Trust Negotiation and Access Control. In: SACMAT 2005. Proc. of the ACM Symposium on Access Control Models and Technologies, Stockholm, Sweden, pp. 139–146. ACM Press, New York (2005)

    Chapter  Google Scholar 

  3. Ganger, G.B.: Authentication Confidences. In: HotOS-VII 2001. Proc. of the Eighth Workshop on Hot Topics in Operating Systems, Elmau/Oberbayern, Germany, p. 169 (2001)

    Google Scholar 

  4. Noble, B.D., Corner, M.D.: The Case for Transient Authentication. In: Proc. of the 10th ACM SIGOPS European Workshop, Saint-Emilion, France, pp. 24–29. ACM Press, New York (2002)

    Chapter  Google Scholar 

  5. Covington, M.J., Ahamad, M., Essa, I., Venkateswaran, H.: Parameterized Authentication. In: Samarati, P., Ryan, P.Y A, Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 276–292. Springer, Heidelberg (2004)

    Google Scholar 

  6. Levin, T.E., Irvine, C.E., Spyropoulou, E.: Quality of Security Service: Adaptive Security. The Handbook of Information Security. In: Threats, Vulnerabilities, Prevention, Detection and Management, vol. III, John Wiley & Sons, Inc., Chichester (2005)

    Google Scholar 

  7. Marcus, L.: Local and Global Requirements in an Adaptive Security Infrastructure. In: International Workshop on Requirements for High Assurance Systems (RHAS), Monterey Bay, California (2003)

    Google Scholar 

  8. Kouadri Mostéfaoui, G., Brézillon, P.: A Generic Framework for Context-Based Distributed Authorizations. In: Blackburn, P., Ghidini, C., Turner, R.M., Giunchiglia, F. (eds.) CONTEXT 2003. LNCS, vol. 2680, pp. 204–217. Springer, Heidelberg (2003)

    Google Scholar 

  9. Hulsebosch, R.J., Salden, A.H., Bargh, M.S., Ebben, P.W.G., Reitsma, J.: Context sensitive access control. In: SACMAT 2005. Proc. of the tenth ACM symposium on Access control models and technologies, Stockholm, Sweden, pp. 111–119. ACM Press, New York (2005)

    Chapter  Google Scholar 

  10. Ranganathan, A., Al-Muhtadi, J., Campbell, R.H.: Reasoning About Uncertain Contexts in Pervasive Computing Environments. Pervasive Computing 3(2), 62–70 (2004)

    Article  Google Scholar 

  11. Belovin, S.M.: On the Brittleness of Software and the Infeasibility of Security Metrics. IEEE Security and Privacy 4(4) (2006)

    Google Scholar 

  12. van Kranenburg, H., Bargh, M.S., Iacob, S., Peddemors, A.: A Context Management Framework for Supporting Context Aware Distributed Applications. IEEE Communications Magazine 44(8), 67–74 (2006)

    Article  Google Scholar 

  13. Ranganathan, A., Al-Muhtadi, J., Chetan, S., Campbell, R., Mickunas, M.D.: MiddleWhere: A Middleware for Location Awareness in Ubiquitous Computing Applications. In: Jacobsen, H.-A. (ed.) Middleware 2004. LNCS, vol. 3231, pp. 397–416. Springer, Heidelberg (2004)

    Google Scholar 

  14. Jøsang, A., AlZomai, M., Suriadi, S.: Usability and Privacy in Identity Management Architectures. In: Brankovic, L., Steketee, C. (eds.) Proc. Fifth Australasian Information Security Workshop Privacy Enhancing Technologies (AISW 2007), Ballarat, Australia, pp. 143–152 (2007)

    Google Scholar 

  15. Bardram, J.: The trouble with login: on usability and computer security in ubiquitous computing. Personal and Ubiquitous Computing 9(6), 357–367 (2005)

    Article  Google Scholar 

  16. Hager, C.T.R.: Context Aware and Adaptive Security for Wireless Networks. PhD thesis, Virginia Polytechnic Institute and State University (2004)

    Google Scholar 

  17. Yee, G., Korba, L.: Context-Aware Security Policy Agent for Mobile Internet Services. In: Proc. of the 2005 IFIP International Conference on Intelligence in Communication Systems, Montréal, Québec, Canada, pp. 249–260 (2005)

    Google Scholar 

  18. Yee, G., Korba, L.: Negotiated Security Policies for E-Services and Web Services. In: ICWS 2005. Proc. of the 2005 IEEE International Conference on Web Services, San Diego, California, pp. 605–612. IEEE Computer Society Press, Los Alamitos (2005)

    Google Scholar 

  19. Covington, M.J., Fogla, P., Zhan, Z., Ahamad, M.: A Context-Aware Security Architecture for Emerging Applications. In: ACSAC 2002. Proc. of the 18th Annual Computer Security Applications Conference, Las Vegas, Nevada, pp. 249–258 (2002)

    Google Scholar 

  20. Abowd, G.D., Battestini, A., O’Connell, T.: The Location Service: A Framework for Handling Multiple Location Sensing Technologies (2002), http://www.awarehome.gatech.edu/publications/location_service.pdf

  21. Bohn, J., Vogt, H.: Robust Probabilistic Positioning Based on High-Level Sensor-Fusion and Map Knowledge. Technical Report No. 421, ETH Zurich (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Telematica Instituut, PO Box 589, 7500 AN, Enschede, The Netherlands

    R. J. Hulsebosch, M. S. Bargh, G. Lenzini & P. W. G. Ebben

  2. Decis Lab, PO Box 90, 2600 AB, Delft, The Netherlands

    S. M. Iacob

Authors
  1. R. J. Hulsebosch
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. S. Bargh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. G. Lenzini
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. P. W. G. Ebben
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. S. M. Iacob
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Gerd Kortuem Joe Finney Rodger Lea Vasughi Sundramoorthy

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hulsebosch, R.J., Bargh, M.S., Lenzini, G., Ebben, P.W.G., Iacob, S.M. (2007). Context Sensitive Adaptive Authentication. In: Kortuem, G., Finney, J., Lea, R., Sundramoorthy, V. (eds) Smart Sensing and Context. EuroSSC 2007. Lecture Notes in Computer Science, vol 4793. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75696-5_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-75696-5_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75695-8

  • Online ISBN: 978-3-540-75696-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation