Advanced Information Networking and Applications Workshops, International Conference on (2007)
Niagara Falls, Ontario, Canada
May 21, 2007 to May 23, 2007
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/AINAW.2007.85
David Argles , University of Southampton, UK
Alex Pease , University of Southampton, UK
Robert John Walters , University of Southampton, UK
We know how to build secure systems but for security measures to be truly effective it is necessary to use keys which are far too large for people to commit to memory. The consequence is that people avoid using security measures or they resort to recording their key information somewhere which they find convenient to access. If any kind of barrier to unauthorised access to this store is used, it is invariably a username and short password or PIN combination. This compromises the effectiveness of primary schemes by presenting an intruder with a weak point to attack. This paper describes a hybrid scheme incorporating an electronic token and biometric verification. The scheme eliminates the need to rely on the user's memory so it can use keys which are long enough to be effective, yet it is also quick and convenient in use and could be adopted anywhere that presently uses username-password arrangements.
authorisation, biometrics (access control), cryptography, digital signatures
D. Argles, A. Pease and R. J. Walters, "An Improved Approach to Secure Authentication and Signing," Advanced Information Networking and Applications Workshops, International Conference on(AINAW), Niagara Falls, Ontario, Canada, 2008, pp. 119-123.