In the last months, the market for personal wearable devices has been booming significantly, and, in particular, smartwatches are starting to assume a fundamental role in the Bring Your Own Device (BYOD) arena as well as in the more general Internet of Things (IoT) ecosystem, by acting both as sensitive data sources and as user identity proxies. These new roles, complementing the more traditional personal assistance and telemetry/tracking ones, open new perspectives in their integration in complex IoT-based critical infrastructures such as e-payment, health care monitoring, and emergency systems, as well as in their usage as remote control facilities in smart services. Users can access their IoT devices at any time from any place through smartwatches. We argue that this new scenario calls for a strengthened and more resilient authentication of users on these devices, despite their limitations in terms of dimensions and hardware constraints that may considerably affect the usability of security mechanisms. In this article, we present an innovative authentication scheme targeted at smartwatches, namely CirclePIN, that provides both resilience to most common attacks and a high level of usability in tests with real users. © 2020 ACM.
CirclePIN: a novel authentication mechanism for smartwatches to prevent unauthorized access to IoT devices
MERIEM GUERARMembro del Collaboration Group
;MAURO MIGLIARDIMembro del Collaboration Group
;VALLERINI, LUCAMembro del Collaboration Group
2020
Abstract
In the last months, the market for personal wearable devices has been booming significantly, and, in particular, smartwatches are starting to assume a fundamental role in the Bring Your Own Device (BYOD) arena as well as in the more general Internet of Things (IoT) ecosystem, by acting both as sensitive data sources and as user identity proxies. These new roles, complementing the more traditional personal assistance and telemetry/tracking ones, open new perspectives in their integration in complex IoT-based critical infrastructures such as e-payment, health care monitoring, and emergency systems, as well as in their usage as remote control facilities in smart services. Users can access their IoT devices at any time from any place through smartwatches. We argue that this new scenario calls for a strengthened and more resilient authentication of users on these devices, despite their limitations in terms of dimensions and hardware constraints that may considerably affect the usability of security mechanisms. In this article, we present an innovative authentication scheme targeted at smartwatches, namely CirclePIN, that provides both resilience to most common attacks and a high level of usability in tests with real users. © 2020 ACM.File | Dimensione | Formato | |
---|---|---|---|
04-ACMTCPS-CirclePIN-3365995.pdf
non disponibili
Tipologia:
Published (publisher's version)
Licenza:
Accesso privato - non pubblico
Dimensione
3.09 MB
Formato
Adobe PDF
|
3.09 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.