Title: Architecture of Context-Risk-Aware Authentication System for Web Environments

Year of Publication: Sep - 2014
Page Numbers: 219-228
Authors: Adam Hurkala, Jaroslaw Hurkala
Conference Name: The Third International Conference on Informatics Engineering and Information Science (ICIEIS2014)
- Poland


This paper reports our ongoing work to design a Context-Risk-Aware Authentication System for Web environments. In our approach of password-based authentication we use additional authentication data to assess the probability that user's identity is authentic. Requested user data includes a standard login-password combination and other authentication characteristics that can be established during authentication request. The additional information about user is used to detect suspicious authentication requests, in which case user is asked to present additional proof of identity. In this paper we describe the motivation for, and the design of the Context-Risk-Aware Authentication System, explain security threats and risk factors.