摘要:Existing sustainable IT services have several problems related to user authentication such as the inefficiency of managing the system security, low security, and low usability. In this paper, we propose a Fast IDentity Online (FIDO) authenticator that performs continuous authentication with implicit authentication based on user context and multimodal authentication. The proposed FIDO authenticator, a context-aware multimodal FIDO authentication (CAMFA) method, combines information such as the user context, state of the mobile device, and user biometrics, then applies implicit and explicit authentication methods to meet the level of authentication required by the service provider. This reduces the user’s explicit authentication burden and continually authenticates users at risk during the session. Moreover, it is able to respond to attacks such as the theft of the authentication method or session hijacking. To study the effectiveness of CAMFA, we ran a user study by collecting data from 22 participants over 42 days of activity on a practical Android platform. The result of the user study demonstrates that the number of explicit authentication requests could be reduced by half. Based on the results of this study, an advanced user authentication that provides multimodal and continuous authentication could be applied to sustainable IT services.
