Description:
User authentication is crucial for securing digital identities in information systems. Naturally, its importance means that user authentication methods are a major target in countless cyber-attacks. The aim of this dissertation is to propose and provide an approach to authenticating human users on servers via the Internet using knowledge-based authentication methods. The developed approach is an application-layer protocol performed over the Internet by leveraging existing transport mechanisms in web services (e.g. REST-compliant Web services). Knowledge-based authentication methods are typically based on static or slowly changing data sources, thereby making them vulnerable to eavesdropping, wiretapping, and other types of attacks. Thus, an alternative approach is needed for creating an authentication challenge that competes with other authentication factors: hardware tokens and biometrics. This study proposes a new authentication approach that exploits user behavior patterns captured in non-public data sources to create unique, one-time challenges. This study proposes: (i) a model capable of representing user behavior patterns in a wide range of user activities captured from various data sources and (ii) a method for creating unique one-time challenges based on the model. The study also tests the model and method based on multiple non-public data sources such as bank transactions, phone logs, computer usage data, and e-mail correspondence. The efficacy of the study is also demonstrated using a live user pool. Most user authentication methods rely on a single verifier stored at a central location in the information system. Such information storage presents a single point of compromise from a security perspective. This dissertation proposes a distributed authentication environment in which there is no such single point of compromise. 
The proposed architecture does not rely on a single verifier to authenticate users, but rather a distributed authentication architecture where several authentication servers are used ...
Publisher:
Sveučilište u Zagrebu. Fakultet elektrotehnike i računarstva. Zavod za elektroničke sustave i obradbu informacija. ; University of Zagreb. Faculty of Electrical Engineering and Computing. Department of Electronic Systems and Information Processing.
Year of Publication:
2018
Document Type:
info:eu-repo/semantics/doctoralThesis ; text ; [Doctoral and postdoctoral thesis]
Subjects:
One-time challenge generation ; user behavior profiling ; distributed architecture ; knowledge-based authentication ; question-based authentication ; user authentication ; TECHNICAL SCIENCES. Computing. Data Processing ; Electrical engineering ; info:eu-repo/classification/udc/621.3(043.3)
Rights:
http://rightsstatements.org/vocab/InC/1.0/ ; info:eu-repo/semantics/closedAccess
Content Provider:
Nacionalni repozitorij disertacija i znanstvenih magistarskih radova (Nacionalna i sveučilišna knjižnica u Zagrebu)
Further name: Croatian Digital Dissertations Repository (National and University Library in Zagreb)