語系:
繁體中文
English
說明(常見問題)
回圖書館首頁
手機版館藏查詢
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
FindBook
Google Book
Amazon
博客來
On the Security and Usability of New Paradigms of Web Authentication.
紀錄類型:
書目-電子資源 : Monograph/item
正題名/作者:
On the Security and Usability of New Paradigms of Web Authentication./
作者:
Jubur, Mohammed.
出版者:
Ann Arbor : ProQuest Dissertations & Theses, : 2021,
面頁冊數:
161 p.
附註:
Source: Dissertations Abstracts International, Volume: 83-03, Section: B.
Contained By:
Dissertations Abstracts International83-03B.
標題:
Computer science. -
電子資源:
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28645059
ISBN:
9798544235224
On the Security and Usability of New Paradigms of Web Authentication.
Jubur, Mohammed.
On the Security and Usability of New Paradigms of Web Authentication.
- Ann Arbor : ProQuest Dissertations & Theses, 2021 - 161 p.
Source: Dissertations Abstracts International, Volume: 83-03, Section: B.
Thesis (Ph.D.)--The University of Alabama at Birmingham, 2021.
This item must not be sold to any third party vendors.
Passwords are widely used by web services to authenticate their users. Unfortunately, passwords suffer from several well-documented security and usability issues. The two of the main techniques to address password problems are password managers and two-factor authentication (2FA), which form the central focus of this dissertation work.In particular, we explore the security and usability of newly proposed and emerging forms of password managers and 2FA systems. We first investigate a "store-less" online password manager that can prevent the leakage of the passwords from the password manager service itself. We also design and evaluate a new 2FA scheme that offers end-to-end security protection with user interaction models different from currently deployed2FA schemes. Further, we investigate the currently deployed password management and 2FA schemes in terms of their security and usability.This dissertation comprises two parts: password management and two-factor authentication. In the first part of the dissertation, we first study the usability of a new class of online password managers (referred to as HIPPO) that does not reveal the password or the master password to the password management service itself. Second, we compare the usability and the security of two forms of password management, a store-less password manager (i.e., HIPPO)and traditionally- deployed store-based password managers(e.g., LastPass). In the second part of this dissertation, we first study the usability of a recently designed 2FA protocol (referred to as Op-2FA), which aims to provide optimal security from both server-side and authentication terminal sides based on simple and flexible users interaction modes. Second, we introduce and study a fundamental design vulnerability of push-based 2FA (a form of "Just Confirm" approach such as Duo Push), and we run a lab study to investigate this vulnerability. Third, we evaluate the usability and security of the "Compare-and-Confirm" approach of push-based 2FA. We consider two scenarios where the user deploys a second-factor device physically separated from the authentication terminal, and when the user utilizes the second-factor device as the authentication terminal itself.
ISBN: 9798544235224Subjects--Topical Terms:
523869
Computer science.
Subjects--Index Terms:
Authentication
On the Security and Usability of New Paradigms of Web Authentication.
LDR
:03391nmm a2200361 4500
001
2347637
005
20220823142318.5
008
241004s2021 ||||||||||||||||| ||eng d
020
$a
9798544235224
035
$a
(MiAaPQ)AAI28645059
035
$a
AAI28645059
040
$a
MiAaPQ
$c
MiAaPQ
100
1
$a
Jubur, Mohammed.
$3
3686914
245
1 0
$a
On the Security and Usability of New Paradigms of Web Authentication.
260
1
$a
Ann Arbor :
$b
ProQuest Dissertations & Theses,
$c
2021
300
$a
161 p.
500
$a
Source: Dissertations Abstracts International, Volume: 83-03, Section: B.
500
$a
Advisor: Saxena, Nitesh.
502
$a
Thesis (Ph.D.)--The University of Alabama at Birmingham, 2021.
506
$a
This item must not be sold to any third party vendors.
520
$a
Passwords are widely used by web services to authenticate their users. Unfortunately, passwords suffer from several well-documented security and usability issues. The two of the main techniques to address password problems are password managers and two-factor authentication (2FA), which form the central focus of this dissertation work.In particular, we explore the security and usability of newly proposed and emerging forms of password managers and 2FA systems. We first investigate a "store-less" online password manager that can prevent the leakage of the passwords from the password manager service itself. We also design and evaluate a new 2FA scheme that offers end-to-end security protection with user interaction models different from currently deployed2FA schemes. Further, we investigate the currently deployed password management and 2FA schemes in terms of their security and usability.This dissertation comprises two parts: password management and two-factor authentication. In the first part of the dissertation, we first study the usability of a new class of online password managers (referred to as HIPPO) that does not reveal the password or the master password to the password management service itself. Second, we compare the usability and the security of two forms of password management, a store-less password manager (i.e., HIPPO)and traditionally- deployed store-based password managers(e.g., LastPass). In the second part of this dissertation, we first study the usability of a recently designed 2FA protocol (referred to as Op-2FA), which aims to provide optimal security from both server-side and authentication terminal sides based on simple and flexible users interaction modes. Second, we introduce and study a fundamental design vulnerability of push-based 2FA (a form of "Just Confirm" approach such as Duo Push), and we run a lab study to investigate this vulnerability. Third, we evaluate the usability and security of the "Compare-and-Confirm" approach of push-based 2FA. We consider two scenarios where the user deploys a second-factor device physically separated from the authentication terminal, and when the user utilizes the second-factor device as the authentication terminal itself.
590
$a
School code: 0005.
650
4
$a
Computer science.
$3
523869
650
4
$a
Usability.
$3
3681540
650
4
$a
Hypotheses.
$3
3560118
650
4
$a
Demographics.
$3
3540640
650
4
$a
Questionnaires.
$3
529568
650
4
$a
Information science.
$3
554358
653
$a
Authentication
653
$a
Password managers
653
$a
Two factor authentication
653
$a
Store-less password management
653
$a
Usability
690
$a
0984
690
$a
0723
710
2
$a
The University of Alabama at Birmingham.
$b
Computer and Information Sciences.
$3
3342829
773
0
$t
Dissertations Abstracts International
$g
83-03B.
790
$a
0005
791
$a
Ph.D.
792
$a
2021
793
$a
English
856
4 0
$u
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28645059
筆 0 讀者評論
館藏地:
全部
電子資源
出版年:
卷號:
館藏
1 筆 • 頁數 1 •
1
條碼號
典藏地名稱
館藏流通類別
資料類型
索書號
使用類型
借閱狀態
預約狀態
備註欄
附件
W9470075
電子資源
11.線上閱覽_V
電子書
EB
一般使用(Normal)
在架
0
1 筆 • 頁數 1 •
1
多媒體
評論
新增評論
分享你的心得
Export
取書館
處理中
...
變更密碼
登入