How many FIDO protocols are needed? Surveying the design, security and market perspectives.
Reads0
Chats0
TLDR
In this article, the authors trace the evolution of FIDO protocols by identifying the technical characteristics and security requirements throughout the different versions while providing a comprehensive study on the different markets (e.g., digital banking, social networks, e-government, etc.), applicability, ease of use, extensibility and future security considerations.Abstract:
Unequivocally, a single man in possession of a strong password is not enough to solve the issue of security. Studies indicate that passwords have been subjected to various attacks, regardless of the applied protection mechanisms due to the human factor. The keystone for the adoption of more efficient authentication methods by the different markets is the trade-off between security and usability. To bridge the gap between user-friendly interfaces and advanced security features, the Fast Identity Online (FIDO) alliance defined several authentication protocols. Although FIDO's biometric-based authentication is not a novel concept, still daunts end users and developers, which may be a contributor factor obstructing FIDO's complete dominance of the digital authentication market. This paper traces the evolution of FIDO protocols, by identifying the technical characteristics and security requirements of the FIDO protocols throughout the different versions while providing a comprehensive study on the different markets (e.g., digital banking, social networks, e-government, etc.), applicability, ease of use, extensibility and future security considerations. From the analysis, we conclude that there is currently no dominant version of a FIDO protocol and more importantly, earlier FIDO protocols are still applicable to emerging vertical services.read more
Citations
More filters
Journal ArticleDOI
SnapPI: Understanding Everyday Use of Personal Informatics Data Stickers on Ephemeral Social Media
TL;DR: In this paper , the authors designed and developed SnapPI, an app for flexibly incorporating data into stickers for Snapchat, finding that participants value aligning data sharing with Snapchat's communication and stylistic norms.
Proceedings ArticleDOI
Discovering Repetitive Code Changes in Python ML Systems
TL;DR: This study conducts the first and most fine-grained study on code change patterns in a diverse corpus of 1000 top-rated ML systems comprising 58 million SLOC and reveals 4 major trends of how ML developers change their code.
Proceedings ArticleDOI
Improving Personalized Explanation Generation through Visualization
TL;DR: A visually-enhanced approach named METER is proposed with the help of visualization generation and text–image matching discrimination: the explainable recommendation model is encouraged to visualize what it refers to while incurring a penalty if the visualization is incongruent with the textual explanation.
Journal ArticleDOI
Geothermal 4.0: AI-enabled geothermal reservoir development- current status, potentials, limitations, and ways forward
Temoor Muther,Fahad I. Syed,Austin Lancaster,Farah D. Salsabila,Amirmasoud Kalantari-Dahaghi,Shahin Negahban +5 more
TL;DR: In this article , the authors highlight the integration of advanced technology on geothermal reservoir performance optimization, which plays a crucial role in the creation of optimum operating conditions at minimized costs, which leads to a more sustainable energy transition towards other energy sources besides petroleum.
Journal ArticleDOI
Impact of digital technologies upon teaching and learning in higher education in Latin America: an outlook on the reach, barriers, and bottlenecks
Kingsley Okoye,Haruna Hussein,Arturo Arrona-Palacios,Hector Quintero,Luis Omar Peña Ortega,Angela Lopez Sanchez,Elena Arias Ortiz,Jose Escamilla,Samira Hosseini +8 more
TL;DR: In this article , the extent to which digital technologies have been used to advance the teaching and learning process in higher education institutions in Latin America, and the barriers and bottlenecks to why it may not have been effectively implemented across the HEIs.
References
More filters
Journal ArticleDOI
A security authorization scheme for smart home Internet of Things devices
TL;DR: A lightweight authorization stack for smart-home IoT applications, where a Cloud-connected device relays input commands to a user’s smart-phone for authorization is proposed, which is user-device centric and addresses security issues in the context of an untrusted Cloud platform.
Proceedings ArticleDOI
The Return of Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli
TL;DR: A practical factorization method for various key lengths including 1024 and 2048 bits is proposed, which requires no additional information except for the value of the public modulus and does not depend on a weak or a faulty random number generator.
Book ChapterDOI
Why Johnny Doesn’t Use Two Factor A Two-Phase Usability Study of the FIDO U2F Security Key
TL;DR: This work analyzed acceptability and usability of the Yubico Security Key, a 2FA hardware token implementing Fast Identity Online (FIDO), which has notable usability attributes: tactile interaction, convenient form factor, physical resilience, and ease of use.
Journal ArticleDOI
Reinforced, Incremental and Cross-Lingual Event Detection From Social Messages
TL;DR: This paper presents a novel reinForced, incremental and cross-lingual social Event detection architecture, namely FinEvent, from streaming social messages, and proposes a new reinforced weighted multi-relational graph neural network framework to select optimal aggregation thresholds to learn social message embeddings.
Proceedings Article
A Usability Study of Five Two-Factor Authentication Methods.
TL;DR: While a few participants experienced difficulty setting up a hardware token and a one-time password, in general, users found the methods easy to set up.