Short paper

Ian Timothy Fischer, Cynthia Kuo, Ling Huang, Mario Frank
2012 Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '12  
Today's mobile devices are packed with sensors that are capable of gathering rich contextual information, such as location, wireless device signatures, ambient noise, and photographs. This paper exhorts the security community to re-design authentication mechanisms for users on mobile devices. Instead of relying on one simplistic, worst-case threat model, we should use contextual information to develop more nuanced models that assess the risk level of the user's current environment. This would
more » ... low us to decrease or eliminate the level of user interaction required to authenticate in some situations, improving usability without any effective impact on security. Ideally, authentication mechanisms will scale up or down to match users' own mental threat models of their environments. We sketch out several scenarios demonstrating how contextual information can be used to assess risks and adapt authentication mechanisms. This is a research-rich area, and we outline future research directions for developing and evaluating dynamic security mechanisms using contextual information.
doi:10.1145/2381934.2381941 dblp:conf/ccs/FischerKHF12 fatcat:orcxwdg66rfq7bqufjiiv36txm