A Security Assessment of Tiles: A New Portfolio-Based Graphical Authentication System

James Nicholson; Paul Dunphy; Lynne Coventry; Pamela Briggs; Patrick Olivier

A Security Assessment of Tiles: A New Portfolio-Based Graphical Authentication System

James Nicholson, Paul Dunphy, Lynne Coventry, Pamela Briggs, Patrick Olivier

Psychology

Research output: Contribution to conference › Paper › peer-review

Abstract

In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.

Original language	English
Publication status	Published - May 2012
Event	30th ACM Conference on Human Factors in Computing Systems, CHI 2012 - Austin, Texas, Austin, TX, United States Duration: 5 May 2012 → 10 May 2012 http://chi2012.acm.org/program/desktop/Session232.html?searchterm=health+system

Conference

Conference	30th ACM Conference on Human Factors in Computing Systems, CHI 2012
Country/Territory	United States
City	Austin, TX
Period	5/05/12 → 10/05/12
Internet address	http://chi2012.acm.org/program/desktop/Session232.html?searchterm=health+system

Cite this

@conference{af72269c4e1343e584a70318d2efed44,

title = "A Security Assessment of Tiles: A New Portfolio-Based Graphical Authentication System",

abstract = "In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.",

author = "James Nicholson and Paul Dunphy and Lynne Coventry and Pamela Briggs and Patrick Olivier",

year = "2012",

month = may,

language = "English",

note = "30th ACM Conference on Human Factors in Computing Systems, CHI 2012 ; Conference date: 05-05-2012 Through 10-05-2012",

url = "http://chi2012.acm.org/program/desktop/Session232.html?searchterm=health+system",

}

TY - CONF

T1 - A Security Assessment of Tiles: A New Portfolio-Based Graphical Authentication System

AU - Nicholson, James

AU - Dunphy, Paul

AU - Coventry, Lynne

AU - Briggs, Pamela

AU - Olivier, Patrick

PY - 2012/5

Y1 - 2012/5

N2 - In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.

AB - In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.

M3 - Paper

T2 - 30th ACM Conference on Human Factors in Computing Systems, CHI 2012

Y2 - 5 May 2012 through 10 May 2012

ER -

A Security Assessment of Tiles: A New Portfolio-Based Graphical Authentication System

Abstract

Conference

Fingerprint

Cite this