Katelin Bailey, Apu Kapadia, Linden Vongsathorn, Sean W. Smith
{"title":"两种认证:在不可信的环境中保护私有信息","authors":"Katelin Bailey, Apu Kapadia, Linden Vongsathorn, Sean W. Smith","doi":"10.1145/1456403.1456412","DOIUrl":null,"url":null,"abstract":"Users often log in to Internet sites from insecure computers and more recently have started divulging their email passwords to social-networking sites, thereby putting their private communications at risk. We propose and evaluate TwoKind Authentication, a simple and effective technique for limiting access to private information in untrustworthy environments. In its simplest form, TwoKind offers two modes of authentication by providing a low and a high authenticator. By using a low authenticator, users can signal to the server that they are in an untrusted environment, following which the server restricts the user's actions.\n We seek to evaluate the effectiveness of multiple authenticators in promoting safer behavior in users. We demonstrate the effectiveness of this approach through a user experiment - we find that users make a distinction between the two authenticators and generally behave in a security-conscious way, protecting their high authenticator the ma jority of the time. Our study suggests that TwoKind will be beneficial to several Internet applications, particularly if the privileges associated with the low authenticator can be customized to a user's security preferences.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"7 1","pages":"39-44"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"TwoKind authentication: protecting private information in untrustworthy environments\",\"authors\":\"Katelin Bailey, Apu Kapadia, Linden Vongsathorn, Sean W. Smith\",\"doi\":\"10.1145/1456403.1456412\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Users often log in to Internet sites from insecure computers and more recently have started divulging their email passwords to social-networking sites, thereby putting their private communications at risk. We propose and evaluate TwoKind Authentication, a simple and effective technique for limiting access to private information in untrustworthy environments. In its simplest form, TwoKind offers two modes of authentication by providing a low and a high authenticator. By using a low authenticator, users can signal to the server that they are in an untrusted environment, following which the server restricts the user's actions.\\n We seek to evaluate the effectiveness of multiple authenticators in promoting safer behavior in users. We demonstrate the effectiveness of this approach through a user experiment - we find that users make a distinction between the two authenticators and generally behave in a security-conscious way, protecting their high authenticator the ma jority of the time. Our study suggests that TwoKind will be beneficial to several Internet applications, particularly if the privileges associated with the low authenticator can be customized to a user's security preferences.\",\"PeriodicalId\":74537,\"journal\":{\"name\":\"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society\",\"volume\":\"7 1\",\"pages\":\"39-44\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-10-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1456403.1456412\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1456403.1456412","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
TwoKind authentication: protecting private information in untrustworthy environments
Users often log in to Internet sites from insecure computers and more recently have started divulging their email passwords to social-networking sites, thereby putting their private communications at risk. We propose and evaluate TwoKind Authentication, a simple and effective technique for limiting access to private information in untrustworthy environments. In its simplest form, TwoKind offers two modes of authentication by providing a low and a high authenticator. By using a low authenticator, users can signal to the server that they are in an untrusted environment, following which the server restricts the user's actions.
We seek to evaluate the effectiveness of multiple authenticators in promoting safer behavior in users. We demonstrate the effectiveness of this approach through a user experiment - we find that users make a distinction between the two authenticators and generally behave in a security-conscious way, protecting their high authenticator the ma jority of the time. Our study suggests that TwoKind will be beneficial to several Internet applications, particularly if the privileges associated with the low authenticator can be customized to a user's security preferences.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
