Files:DescriptionFile size FormatBrowse
Fulltext0.81 MBPDF (requires Acrobat Reader)Previous | Next
  
Authors:Naveed Ahmed: Department of Informatics and Mathematical Modeling (IMM), Technical University of Denmark, Denmark
Christian Damsgaard Jensen: Department of Informatics and Mathematical Modeling (IMM), Technical University of Denmark, Denmark
Publication title:An Authentication Framework for Nomadic Users
Conference:NODES 09: NOrdic workshop and doctoral symposium on DEpendability and Security; Linköping; Sweden; April 27; 2009
Publication type: Abstract and Fulltext
Issue:041
Article No.:005
Abstract:Security and usability are often horn locked and system administrators tend to configure systems so that they favor security over usability. In many cases; however; the increased security results in usability that is so poor that users feel the need to circumvent the security mechanisms. This is probably best explained by considering password based authentication; where a user is actively involved in the process. If the time required to log in to an account is considered too high; users tend to leave their terminals logged in throughout the day and share their account with other users. This is particularly true for nomadic users who move around in ubiquitous computing environments and avail from different IT services from many different locations. In many ubiquitous computing environments; where information processing is not considered the main priority; management often accepts this practise in order to increase productivity; e.g.; in a hectic hospital environment; medical staff has to login and logout of various machines several times in an hour; but the repeated interactions consume a considerable amount of time; causing organizational inefficiency; job frustration and a tendency towards defeating the obstacle by leaving terminals logged in or choosing short and easy to type passwords. Therefore; a password based authentication mechanism; which is quite simple and secure in personal computing; has become too cumbersome for nomadic users; which means that other means of authentication must be developed for nomadic users.

In this paper; we focus on usability of authentication for nomadic users in a ubiquitous computing environment. We identify requirements for authentication of nomadic users and propose an authentication framework for this class of users. A prototype of the proposed authentication framework has been developed; which supports persistent and multifactor authentication without the active intervention of a user.

We evaluate the usability of the developed mechanism by considering the time required to authenticate when logging in to a workstation and compare this to classic password based authentication. The evaluation shows that the proposed mechanism saves a significant amount of time for the nomadic users; which reduces the incentive to circumvent the authentication mechanism. Thus; the mechanism will both provide users with better job satisfaction and increased organizational efficiency; while at the same time increase the effective level of security of the system.

Language:English
Keywords:Security; Usability; Ubiquitous Computing; Nomadic Users; Authentication
Year:2009
No. of pages:10
Pages:33-42
Series:Linköping Electronic Conference Proceedings
ISSN (print):1650-3686
ISSN (online):1650-3740
File:http://www.ep.liu.se/ecp/041/005/ecp0941005.pdf
Available:2009-07-14
Publisher:Linköping University Electronic Press; Linköpings universitet

REFERENCE TO THIS PAGE
Naveed Ahmed, Christian Damsgaard Jensen (2009). An Authentication Framework for Nomadic Users, NODES 09: NOrdic workshop and doctoral symposium on DEpendability and Security; Linköping; Sweden; April 27; 2009 http://www.ep.liu.se/ecp_article/index.en.aspx?issue=041;article=005 (accessed 11/29/2014)