A Highly Usable and Highly Secure Access Method Combining Biometrics, Selection, and Sequence Into a Simple Two-Step Action
Publication Date: 2013-Jul-31
The IP.com Prior Art Database
A Highly Usable and Highly Secure Access Method For Devices That Combines Biometrics, Selection, and Sequencing Into a Simple Two-Step Action
Many solutions exist that attempt to provide secure access to assets on computing devices of all kinds, from smart phones to tablets to laptops, to kiosks, as well as physical access to rooms, buildings, vehicles, etc. These solutions take many forms, and certain forms tend to be applied to specific contexts.
In each context, users must sign in to access one or more resources on a device, at a point-of-sale appliance, or a building or vehicle entry system. These resources are provided as separate entities, such as accounts, virtual machines, servers, accounts within a master account, subsets of rooms in a building, features or settings within a vehicle, etc., to which various users may have access. In many cases it may be desirable, and more secure, to allow a user to "sign in" to a particular subset of resources, but this increases the complexity of the sign-in and decreases usability.
Passwords are a common "sign in", entered via a computer interface, or by typing a sequence of numbers on a keypad. It is well known that passwords are fraught with difficulties and security risks, so those will not be recounted here. In any case, a password represents a single 'key' for entry to a system or set of services. There are many types of keys; badge readers are essentially the same approach, a password encoded on a magnetic strip or radio frequency ID tag (RFID), and biometric scanners also represent a single 'key'. Single 'key' access can be thought of as passing through a gate. In some contexts, many resources may reside on the far side of the gate; in other contexts each resource can have its own gate. Since each gate requires a key, the latter context requires more keys, while the former provides less security, since the breach of a single gate provides access to many resources.
When additional security is paramount in a physical situation, e.g. access to a residence, one or more locks are employed to provide extra security; if one key is stolen, the resident's assets are still secure. But this also makes entry more cumbersome, as separate keys must be selected and inserted. Of course, this same approach can be applied to security executed through software. A gate to a set of resources each having their own gate is an example. However, in this case the usability is further degraded because, in addition to the two keys, a third step - resource selection - must be added, and this step provides NO additional security.
While the degree of security itself is critical, usability is a second critical aspect for security. Poor usability makes for poor security. When considering usability in a security method, two elementary factors are the number of required user interactions and the demands on human memory. Are unnecessary interactions required? In a context with many gates behind a single gate, after passing the fi...