IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Keystroke Dynamics and Graphical Authentication Systems

Keystroke Dynamics and Graphical Authentication Systems
View Sample PDF
Author(s): Sérgio Tenreiro de Magalhães (University of Minho, Portugal), Henrique M.D. Santos (University of Minho, Portugal), Leonel Duarte dos Santos (University of Minho, Portugal) and Kenneth Revett (University of Westminster, UK)
Copyright: 2009
Pages: 6
Source title: Encyclopedia of Information Science and Technology, Second Edition
Source Author(s)/Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-60566-026-4.ch366

Purchase

View Keystroke Dynamics and Graphical Authentication Systems on the publisher's website for pricing and purchasing information.

Abstract

In information systems, authentication involves, traditionally, sharing a secret with the authenticating entity and presenting it whenever a confirmation of the user’s identity is needed. In the digital era, that secret is commonly a user name and password pair and/or, sometimes, a biometric feature. Both present difficulties of different kinds once the traditional user name and password are no longer enough to protect these infrastructures, the privacy of those who use it, and the con- fidentiality of the information, having known vulnerabilities, and the second has many issues related to ethical and social implications of its use (Magalhães & Santos, 2005). Password vulnerabilities come from their misuse that, in turn, results from the fact that they need to be both easy to remember, therefore simple, and secure, therefore complex. Consequently, it is virtually impossible to come up with a good password (Wiedenbeck, Waters, Birget, Brodskiy, & Memon, 2005). On the other hand, once users realize the need for securing their authentication secrets, even fairly good passwords become a threat when the security policies (if at all existing) fail to be implemented. The results of an inquiry made by the authors in 2004 to 60 IT professionals show that, even among those that have technical knowledge, the need for password security is underestimated (Magalhães, Revett, & Santos, 2006). This is probably one of the reasons why the governments increased their investment in biometric technologies after the terrorist attack of 9/11 (International Biometric Group [IBG], 2003). The use of biometric technologies to increase the security of a system has become a widely discussed subject, but while governments and corporations are pressing for a wider integration of these technologies with common security systems (like passports or identity cards), human rights associations are concerned with the ethical and social implications of their use. This situation creates a challenge to find biometric algorithms that are less intrusive, easier to use, and more accurate. The precision of a biometric technology is measured by its false-acceptance rate (FAR), which measures the permeability of the algorithm to attacks; its false-rejection rate (FRR), which measures the resistance of the algorithm to accept a legitimate user; and its crossover error rate (CER), the point of intersection of the FAR curve with the FRR curve that indicates the level of usability of the technology (Figure 1). For a biometric technology to be usable on a stand-alone base, its CER must be under 1%. As an algorithm becomes more demanding, its FAR is lower and its FRR is higher. Usually the administrator of the system can define a threshold and decide what the average FAR and FRR of the applied algorithm will be according to the need for security, which depends on the risk evaluation and the value of what is protected; also, the threshold can be, in theory, defined by an intrusion detection system (software designed to identify situations of attack to the system).

Related Content

Christine Kosmopoulos. © 2022. 22 pages.
Melkamu Beyene, Solomon Mekonnen Tekle, Daniel Gelaw Alemneh. © 2022. 21 pages.
Rajkumari Sofia Devi, Ch. Ibohal Singh. © 2022. 21 pages.
Ida Fajar Priyanto. © 2022. 16 pages.
Murtala Ismail Adakawa. © 2022. 27 pages.
Shimelis Getu Assefa. © 2022. 17 pages.
Angela Y. Ford, Daniel Gelaw Alemneh. © 2022. 22 pages.
Body Bottom