Publication: Implementación y análisis de mecanismos de autenticación basados en eye tracking
Loading...
Identifiers
Publication date
2017
Defense date
2017-10-17
Authors
Tutors
Journal Title
Journal ISSN
Volume Title
Publisher
Impact
Export
Abstract
La autenticación es la capacidad de demostrar que un usuario es realmente quién asegura ser, y es uno de los procesos principales que suele utilizarse como control de acceso a los recursos utilizados en un sistema. Tradicionalmente han existido como mecanismos de autenticación el uso de credenciales, usuario y contraseña, para Internet y código PIN o patrón táctil para dispositivos móviles. Estos mecanismos de autenticación presentan evidentes vulnerabilidades, como el ataque conocido como Shoulder Surfing, el cual consiste en observar directamente el dispositivo de otra persona con el fin de obtener cualquier información útil.
La seguridad de los datos personales que se almacenan en los dispositivos electrónicos es una de las mayores preocupaciones de los usuarios en la actualidad. Además de la búsqueda de mayor seguridad en los dispositivos electrónicos, los usuarios valoran positivamente la usabilidad de los mecanismos de autenticación, es decir, que sean cómodos, fáciles de manejar y rápidos.
Optimizar el proceso de autenticación ha sido uno de los objetivos prioritarios durante los últimos años para los investigadores y compañías. Aunque la cantidad de sistemas en los que nos autenticamos ha aumentado, los mecanismos de autenticación siguen siendo los tradicionales. Observando que este ámbito está en continuo crecimiento y sabiendo que es algo que interesa a millones de usuarios que valoran la integridad de su información, se va a realizar el presente Trabajo Fin de Grado.
Durante éste se van a implementar y comparar diversos mecanismos de autenticación basados en el reconocimiento y seguimiento de la mirada mediante el dispositivo The Eye Tribe. Estos tipos de autenticación son interesantes ya que tienen el potencial de aumentar la usabilidad de los mecanismos de autenticación, serían útiles para usuarios con discapacidad o escenarios donde introducir la contraseña pueda resultar incómodo, y a la vez reducen el riesgo de sufrir ataques, como el mencionado shoulder surfing.
En las siguientes páginas de este documento, se va a detallar la implementación de cada uno de los mecanismos de autenticación y se van a desglosar los resultados de las pruebas finales.
Authentication is the ability to demonstrate that a user is really who he or she claims to be, and is one of the main processes that is often used as access control to the resources used in a system. The most used authentication mechanisms in the past were the use of credentials, user and password, for the Internet and PIN code access or touch pattern for mobile devices. These authentication mechanisms have several vulnerabilities such as the Shoulder Surfing attack which consists on observing directly into another person’s device in order to obtain any valuable information. The security of the personal stored data in electronic devices is currently one of the main concerns of the users. Furthermore, the users see as a positive factor the good usability of the authentication mechanisms, meaning comfortable, easy to handle and fast authentication mechanisms. Optimizing the authentication process has been one of the main goals over the last few years for researchers and companies. Despite the amount of systems in which we authenticate has increased, the traditional authentication mechanisms are still being the most used. Regarding that this area is constantly growing and knowing that this matter interests to millions of users that appreciate the integrity of their information, this bachelor thesis is going to be carried out. Along this project, various authentication mechanisms based on the eye tracking technology with The Eye Tribe device are going to be implemented and compared. This kind of authentication mechanisms are interesting as they have the potential to increase the usability of the authentication mechanisms, it is useful for people with disabilities or for scenarios where entering the password is uncomfortable, and at the same time they reduce the risk of suffering attacks, such as the mentioned before shoulder surfing attack.
Authentication is the ability to demonstrate that a user is really who he or she claims to be, and is one of the main processes that is often used as access control to the resources used in a system. The most used authentication mechanisms in the past were the use of credentials, user and password, for the Internet and PIN code access or touch pattern for mobile devices. These authentication mechanisms have several vulnerabilities such as the Shoulder Surfing attack which consists on observing directly into another person’s device in order to obtain any valuable information. The security of the personal stored data in electronic devices is currently one of the main concerns of the users. Furthermore, the users see as a positive factor the good usability of the authentication mechanisms, meaning comfortable, easy to handle and fast authentication mechanisms. Optimizing the authentication process has been one of the main goals over the last few years for researchers and companies. Despite the amount of systems in which we authenticate has increased, the traditional authentication mechanisms are still being the most used. Regarding that this area is constantly growing and knowing that this matter interests to millions of users that appreciate the integrity of their information, this bachelor thesis is going to be carried out. Along this project, various authentication mechanisms based on the eye tracking technology with The Eye Tribe device are going to be implemented and compared. This kind of authentication mechanisms are interesting as they have the potential to increase the usability of the authentication mechanisms, it is useful for people with disabilities or for scenarios where entering the password is uncomfortable, and at the same time they reduce the risk of suffering attacks, such as the mentioned before shoulder surfing attack.
Description
Keywords
Eyetracking, Autenticación, The Eye Tribe, Seguridad