EPSRC Reference: |
EP/G020760/1 |
Title: |
Knowledge-Based Authentication: Evaluating and Improving |
Principal Investigator: |
Aspinall, Professor D |
Other Investigators: |
|
Researcher Co-Investigators: |
|
Project Partners: |
|
Department: |
Sch of Informatics |
Organisation: |
University of Edinburgh |
Scheme: |
Standard Research |
Starts: |
01 October 2008 |
Ends: |
30 September 2009 |
Value (£): |
65,253
|
EPSRC Research Topic Classifications: |
Fundamentals of Computing |
|
|
EPSRC Industrial Sector Classifications: |
No relevance to Underpinning Sectors |
|
|
Related Grants: |
|
Panel History: |
|
Summary on Grant Application Form |
Authentication is central to computer security and almost every use of computerised systems. With the explosion of online e-commerce, banking, social web sites and governmental services, the problem of finding secure, usable and efficient authentication systems is more acute than ever. The risks of security failure are obvious, and unusable or inefficient systems additionally risk loss of customers or overly expensive support services managing password recovery.Despite the obvious importance of everyday authentication and the widespread adoption of improved mechanisms such as challenge questions, there is a surprising lack of underpinning published research for these methods. Comparative studies, measures of usability and recoverability costs, scientifically justified guidelines for efficient implementation, are all lacking.This research proposes to understand and assess existing practice with authentication systems using 'known information' such as with challenge questions, and make recommendations for improvement. We expect that the results will have a widespread impact across many sectors, both inside and outside of the UK. The research will be undertaken by Principal Investigator Dr. David Aspinall of the University of Edinburgh, and Visiting Fellow Dr. Michael Just who is the world leader in Knowledge-Based Authentication (KBA), and responsible for the KBA mechanism used in the Government of Canada's online e-government solution, serving 3 million accounts. We anticipate that the results of our research will contribute positively to the security and usability of many applications, both inside and outside of the UK.
|
Key Findings |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Potential use in non-academic contexts |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Impacts |
Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
Summary |
|
Date Materialised |
|
|
Sectors submitted by the Researcher |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Project URL: |
|
Further Information: |
|
Organisation Website: |
http://www.ed.ac.uk |