東華大學圖書館 |

語系: 繁體中文

說明(常見問題)

回圖書館首頁

手機版館藏查詢

登入

回首頁 到查詢結果 [ null ]

切換: 標籤 | MARC模式 | ISBD

FindBook

Google Book

Amazon

博客來

Improving Authentication for Users Via Better Understanding Password use and Abuse.

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Improving Authentication for Users Via Better Understanding Password use and Abuse./
作者:	Murray, Hazel.
出版者:	Ann Arbor : ProQuest Dissertations & Theses, : 2021,
面頁冊數:	370 p.
附註:	Source: Dissertations Abstracts International, Volume: 83-07, Section: B.
Contained By:	Dissertations Abstracts International83-07B.
標題:	Web sites. -
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28847710
ISBN:	9798759942450

Improving Authentication for Users Via Better Understanding Password use and Abuse.
Murray, Hazel.

Improving Authentication for Users Via Better Understanding Password use and Abuse. - Ann Arbor : ProQuest Dissertations & Theses, 2021 - 370 p.

Source: Dissertations Abstracts International, Volume: 83-07, Section: B.

Thesis (Ph.D.)--National University of Ireland, Maynooth (Ireland), 2021.

This item must not be sold to any third party vendors.

Passwords are our primary form of authentication. Yet passwords are a major vulnerability for computer systems due to their predictable nature, in fact Florencio et al., conclude that human limitations makes what is often considered to be "proper password use" impossible [52]. It is vital we improve authentication with respect to both security and usability. The aim of this research is to investigate password use and abuse in order to improve authentication for users.We investigate circulated password advice that claims to help in this security fight. We find that it is contradictory, often at odds with best practice and research findings, and can be ambiguous and taxing on users. We complete a user study investigating user and administrator perceptions of the password advice collected. We leverage knowledge of security benefits, usability and organisation costs to investigate the trade-offs that exist when security advice is enforced.To improve password systems, effective and accurate information is needed regarding the prevalence of security vulnerabilities. We develop a guessability metric which produces guessing success results that are independent of the underlying distribution of the data. We use this to prove that small password breaches can lead to major vulnerabilities to entire cohorts of other users. We also demonstrate that a tailored learning algorithm can actively learn characteristics of the passwords it is guessing, and that it can leverage this information to improve its guessing. We demonstrate that characteristics such as nationality can be derived from data and used to improve guessing, this reduces security in an online environment and potentially leaks private information about cohorts of users.Finally, we design models to quantify the effectiveness of security policies. We demonstrate the value of the NIST 2017 guidelines. We find that if an organisation is willing to bear costs on themselves, they can significantly improve usability for their end-users, and simultaneously increase their security.

ISBN: 9798759942450Subjects--Topical Terms:

560191
Web sites.

Improving Authentication for Users Via Better Understanding Password use and Abuse.
LDR:03103nmm a2200313 4500 001 2350362
005 20221020125743.5
008 241004s2021 ||||||||||||||||| ||eng d
020 $a 9798759942450
035 $a (MiAaPQ)AAI28847710
035 $a (MiAaPQ)Maynooth14880
035 $a AAI28847710
040 $a MiAaPQ $c MiAaPQ
100 1 $a Murray, Hazel. $3 3689840
245 1 0 $a Improving Authentication for Users Via Better Understanding Password use and Abuse.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2021
300 $a 370 p.
500 $a Source: Dissertations Abstracts International, Volume: 83-07, Section: B.
500 $a Advisor: Malone, David.
502 $a Thesis (Ph.D.)--National University of Ireland, Maynooth (Ireland), 2021.
506 $a This item must not be sold to any third party vendors.
520 $a Passwords are our primary form of authentication. Yet passwords are a major vulnerability for computer systems due to their predictable nature, in fact Florencio et al., conclude that human limitations makes what is often considered to be "proper password use" impossible [52]. It is vital we improve authentication with respect to both security and usability. The aim of this research is to investigate password use and abuse in order to improve authentication for users.We investigate circulated password advice that claims to help in this security fight. We find that it is contradictory, often at odds with best practice and research findings, and can be ambiguous and taxing on users. We complete a user study investigating user and administrator perceptions of the password advice collected. We leverage knowledge of security benefits, usability and organisation costs to investigate the trade-offs that exist when security advice is enforced.To improve password systems, effective and accurate information is needed regarding the prevalence of security vulnerabilities. We develop a guessability metric which produces guessing success results that are independent of the underlying distribution of the data. We use this to prove that small password breaches can lead to major vulnerabilities to entire cohorts of other users. We also demonstrate that a tailored learning algorithm can actively learn characteristics of the passwords it is guessing, and that it can leverage this information to improve its guessing. We demonstrate that characteristics such as nationality can be derived from data and used to improve guessing, this reduces security in an online environment and potentially leaks private information about cohorts of users.Finally, we design models to quantify the effectiveness of security policies. We demonstrate the value of the NIST 2017 guidelines. We find that if an organisation is willing to bear costs on themselves, they can significantly improve usability for their end-users, and simultaneously increase their security.
590 $a School code: 8741.
650 4 $a Web sites. $3 560191
650 4 $a Privacy. $3 528582
650 4 $a Web studies. $3 2122754
650 4 $a Computer science. $3 523869
690 $a 0646
690 $a 0984
710 2 $a National University of Ireland, Maynooth (Ireland). $3 3554182
773 0 $t Dissertations Abstracts International $g 83-07B.
790 $a 8741
791 $a Ph.D.
792 $a 2021
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28847710