I-Corps: Securing Mobile Devices with Memorable, Usable, and Secure Authentication
Cleveland State University, Cleveland OH
Investigators
Abstract
The broad impact/commercial potential of this I-Corps project is to protect security and privacy of mobile device users with memorable, usable, and secure authentication schemes. According to statista.com, the number of smartphone users in the world will be more than five billion by 2019. The popularity of these mobile devices is due to a unique set of features including ubiquitous Internet access through communication technologies such as Wifi and 4G/LTE, easy to use touch-based inputs, and numerous applications and games. In the meantime, the security of mobile devices is becoming a major concern as device users are storing sensitive data such as personal contacts and utilizing sensitive applications like banking and stock trading. Strong authentication as the forefront defense mechanism can prevent unauthorized access to a mobile device that may lead to lack of accountability, data loss or stealing, and identity theft. Due to the popularity of mobile devices and their uses in government, business, and even military applications, securing mobile devices with secure, memorable, and usable authentication is of great societal importance. This I-Corps project focuses on exploring the market potential for multi-dimensional authentication schemes. The new paradigm of multi-dimensional authentication schemes can achieve better memorability, security, and usability at the same time. The new schemes fuse information from multiple dimensions to form a password, allowing the schemes to enlarge the password space and improve memorability by reducing memory interference. The information fusion can increase usability as fewer input gestures are required for passwords of the same security strength. The schemes can also be shoulder-surfing resistant. A successful authentication requires a user to respond to a random challenge so that a set of predefined rules are satisfied after adjustments made by the user. The schemes can also be used for continuously monitoring device user behavior to ensure the current device users is a user authorized to use the device. Through this project, we will be able to investigate the needs from various customer segments and polish our technologies and prototypes to meet the needs. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →