Litcius/Paper detail

CirclePIN

Meriem Guerar, Luca Verderame, Alessio Merlo, Francesco Palmieri, Mauro Migliardi, Luca Vallerini

2020ACM Transactions on Cyber-Physical Systems30 citationsDOI

Abstract

In the last months, the market for personal wearable devices has been booming significantly, and, in particular, smartwatches are starting to assume a fundamental role in the Bring Your Own Device (BYOD) arena as well as in the more general Internet of Things (IoT) ecosystem, by acting both as sensitive data sources and as user identity proxies. These new roles, complementing the more traditional personal assistance and telemetry/tracking ones, open new perspectives in their integration in complex IoT-based critical infrastructures such as e-payment, health care monitoring, and emergency systems, as well as in their usage as remote control facilities in smart services. Users can access their IoT devices at any time from any place through smartwatches. We argue that this new scenario calls for a strengthened and more resilient authentication of users on these devices, despite their limitations in terms of dimensions and hardware constraints that may considerably affect the usability of security mechanisms. In this article, we present an innovative authentication scheme targeted at smartwatches, namely CirclePIN, that provides both resilience to most common attacks and a high level of usability in tests with real users.

Topics & Concepts

SmartwatchUsabilityWearable computerComputer scienceComputer securityAuthentication (law)Bring your own devicePaymentResilience (materials science)Internet privacyWearable technologyInternet of ThingsHuman–computer interactionWorld Wide WebMobile deviceEmbedded systemThermodynamicsPhysicsUser Authentication and Security SystemsAdvanced Malware Detection TechniquesPrivacy, Security, and Data Protection