Nowadays, plenty of digital services are provided to citizens by means of terminals located in public unguarded places. In order to access the desired service, users, authenticate themselves by providing their credentials through such terminals. This approach opens up to the problem of fraudulent devices that could be installed in place of regular terminals to capture users’ confidential information. Indeed, despite the development of increasingly secure systems aiming at guaranteeing an acceptable security level, users are frequently unable to distinguish between terminals on which security measures are enforced (trusted terminals) and malicious terminals that pretend to be trusted. We deal with this problem by presenting a human-compatible authentication protocol, leveraging Graphical Passwords, helps user to authenticate a terminal before using it. We also present a prototype implementation of this protocol, called TRUST (TRust Unguarded Service Terminals). The usability of our solution has been analyzed by means of a preliminary experimentation.
TRUST: TRust Unguarded Service Terminals / Casola, D.; Cattaneo, G.; Catuogno, L.; Ferraro-Petrillo, Umberto; Galdi, C.; Roscigno, G.. - 1080:(2019), pp. 155-169. (Intervento presentato al convegno 16th International Symposium on Pervasive Systems, Algorithms and Networks, I-SPAN 2019 tenutosi a Naples; Italy) [10.1007/978-3-030-30143-9_13].
TRUST: TRust Unguarded Service Terminals
Ferraro-Petrillo Umberto;
2019
Abstract
Nowadays, plenty of digital services are provided to citizens by means of terminals located in public unguarded places. In order to access the desired service, users, authenticate themselves by providing their credentials through such terminals. This approach opens up to the problem of fraudulent devices that could be installed in place of regular terminals to capture users’ confidential information. Indeed, despite the development of increasingly secure systems aiming at guaranteeing an acceptable security level, users are frequently unable to distinguish between terminals on which security measures are enforced (trusted terminals) and malicious terminals that pretend to be trusted. We deal with this problem by presenting a human-compatible authentication protocol, leveraging Graphical Passwords, helps user to authenticate a terminal before using it. We also present a prototype implementation of this protocol, called TRUST (TRust Unguarded Service Terminals). The usability of our solution has been analyzed by means of a preliminary experimentation.| File | Dimensione | Formato | |
|---|---|---|---|
|
Casola_Trust_2019.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
50.59 MB
Formato
Adobe PDF
|
50.59 MB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
