|
CMU-CS-01-123
Computer Science Department
School of Computer Science, Carnegie Mellon University
CMU-CS-01-123
Authentication Confidences
Gregory R. Ganger
April 2001
CMU-CS-01-123.ps
CMU-CS-01-123.pdf
Keywords: Security, authentication, biometric authentication,
system access
"Over the Internet, no one knows you're a dog," goes the joke. Yet, in most
systems, a password submitted over the Internet gives one the same access
rights as one typed at the physical console. We promote an alternate
approach to authentication, in which a system fuses observations about
a user into a probability (an authentication confidence) that the user
is who they claim to be. Relevant observations include password
correctness, physical location, activity patterns, and biometric readings.
Authentication confidences refine current yes-or-no authentication
decisions, allowing systems to cleanly provide partial access rights
to authenticated users whose identities are suspect.
8 pages
|