Adaptive authentication systems identify and enforce suitable methods to verify that someone (user) or something (device) is eligible to access a service or a resource. An authentication method is usually adapted in response to changes in the security risk or the user’s behaviour. Previous work on adaptive authentication systems provide limited guidance about i) what and how contextual factors can affect the selection of an authentication method; ii) which requirements are relevant to an adaptive authentication system and iii) how authentication methods can affect the satisfaction of the relevant requirements. In this paper, we provide a holistic framework informed by previous research to characterize the adaptive authentication problem and support the development of an adaptive authentication system. Our framework explicitly considers the contextual factors that can trigger an adaptation, the requirements that are relevant during decision making and their trade-offs, as well as the authentication methods that can change as a result of an adaptation. We showcase how our framework can inform the activities of the MAPE-K loop necessary to build an adaptive authentication system for an Internet of Vehicles case study. From our experience and from the gaps identified in the literature, we elicit a set of challenges that can be addressed in future research on adaptive authentication.
Wed 29 SepDisplayed time zone: Eastern Time (US & Canada) change
13:00 - 14:30
|LOS: Local-Optimistic Scheduling of Periodic Model Training For Anomaly Detection on Sensor Data Streams in Meshed Edge Networks|
|On Adapting SNMP as Communication Protocol in Distributed Control Loops for Self-adaptive Systems|
|Towards Highly Automated Machine-Learning-Empowered Monitoring of Motor Test Stands|
|Engineering Adaptive Authentication|