L. O'Gorman, M.J. Sammon, J. Bentley, D.J. Skiba, and G.W. Erhart (USA)
User authentication, spoken authentication, ubiquitous computing, wireless device security, challenge-response protocol
User authentication has long been a tiresome task for humans accessing computer systems, one for which ease of-use and security most often conflict. The challenge in this paper is to design a secure authentication scheme for users whose interaction is only via voice, because the users communicate to the computer system via a hands free, wireless headset. We consider, but provide argument against, proposed solutions like traditional passwords and speaker verification. Instead we offer five approaches designed specifically for spoken authentication: an arithmetic protocol, a personal question and answer protocol, a spoken PIN protocol, a location history scheme that exploits the fact that users have mobility as they use the system, and a time-aligned response method. We compare these proposals and give experimental results for some of these as applied to authentication for a mobile communications system prototyped in a working hospital unit. While no method is free of downsides, our tested users preferred the personal Q&A method. However, we believe the contribution of this paper is not in a single chosen method, but in articulating the problem statement, offering a range of solutions, and providing some groundwork for comparison and evaluation.
Important Links:
Go Back
