PDL Abstract

Authentication Confidences

Carnegie Mellon University Technical Report CMU-CS-01-123, May 2001.

Gregory R. Ganger

Dept. Electrical & Computer Engineering
Carnegie Mellon University
Pittsburgh, PA 15213

"Over the Internet, no one knows you're a dog," goes the joke. Yet, in most systems, a password submitted over the Internet gives one the same access rights as one typed at the physical console. We promote an alternate approach to authentication, in which a system fuses observations about a user into a probability (an authentication confidence) that the user is who they claim to be. Relevant observations include password correctness, physical location, activity patterns, and biometric readings. Authentication confidences refine current yes-or-no authentication decisions, allowing systems to cleanly provide partial access rights to authenticated users whose identities are suspect.

FULL PAPER: pdf / postscript