dc.contributor.author | Ullah, A. | |
dc.contributor.author | Xiao, Hannan | |
dc.contributor.author | Barker, T. | |
dc.contributor.author | Lilley, M. | |
dc.date.accessioned | 2015-04-28T08:34:08Z | |
dc.date.available | 2015-04-28T08:34:08Z | |
dc.date.issued | 2014-12 | |
dc.identifier.citation | Ullah , A , Xiao , H , Barker , T & Lilley , M 2014 , Graphical and text based challenge questions for secure and usable authentication in online examinations . in Procs 2014 9th Int Conf for Internet Technology and Secured Transactions (ICITST) . Institute of Electrical and Electronics Engineers (IEEE) , pp. 302-308 , 9th Int Conf for Internet Technology and Secured Transactions (ICITST) , London , United Kingdom , 8/12/14 . https://doi.org/10.1109/ICITST.2014.7038825 | |
dc.identifier.citation | conference | |
dc.identifier.other | Bibtex: urn:fa014b9cb41a48f5d4b56a3f93d31aac | |
dc.identifier.other | ORCID: /0000-0003-2273-6679/work/32373810 | |
dc.identifier.uri | http://hdl.handle.net/2299/15856 | |
dc.description.abstract | In traditional online examination environments, physical interaction is often replaced with authentication mechanisms. The absence of face-to-face interaction increases the number of authentication challenges. The authors developed and implemented a Profile Based Authentication Framework (PBAF) with the aim to integrate learning and examination processes for secure online examinations. The PBAF approach utilizes the widely used knowledge-based authentication mechanisms: login identifier and passwords and challenge questions. These approaches are reported with a number of benefits and limitations in term of usability and security. Previous studies suggests that the use of image-based graphical authentication may provide usable and secure solution. This paper presents the findings of an empirical study, utilizing a hybrid approach combining image and text-based challenge questions in a real online learning environment. A traffic light system was implemented to improve usability of the PBAF. The traffic light system relaxed authentication constraints for a significant number of users' attempts which would otherwise be penalized (p<; 0.01). An abuse case scenario was designed to assess the security of the PBAF method against impersonation attack. The number of participants in abuse case scenario was small, however, results demonstrate that participants were able to share both text-based and image-based questions for impersonation attack | en |
dc.format.extent | 7 | |
dc.language.iso | eng | |
dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | |
dc.relation.ispartof | Procs 2014 9th Int Conf for Internet Technology and Secured Transactions (ICITST) | |
dc.subject | authorisation | |
dc.subject | computer graphics | |
dc.subject | knowledge based systems | |
dc.subject | learning (artificial intelligence) | |
dc.subject | PBAF approach | |
dc.subject | face-to-face interaction | |
dc.subject | graphical challenge questions | |
dc.subject | image-based graphical authentication | |
dc.subject | impersonation attack | |
dc.subject | knowledge-based authentication mechanisms | |
dc.subject | login identifier | |
dc.subject | online examination environments | |
dc.subject | online learning environment | |
dc.subject | passwords | |
dc.subject | physical interaction | |
dc.subject | profile based authentication framework | |
dc.subject | secure authentication | |
dc.subject | text based challenge questions | |
dc.subject | traffic light system | |
dc.subject | usable authentication | |
dc.subject | Authentication | |
dc.subject | Educational institutions | |
dc.subject | Image recognition | |
dc.subject | Internet | |
dc.subject | Syntactics | |
dc.subject | Usability | |
dc.subject | Online learning | |
dc.subject | authentication | |
dc.subject | challenge questions | |
dc.subject | examination | |
dc.subject | profile | |
dc.subject | security | |
dc.subject | usability | |
dc.title | Graphical and text based challenge questions for secure and usable authentication in online examinations | en |
dc.contributor.institution | School of Computer Science | |
dc.contributor.institution | Science & Technology Research Institute | |
dc.contributor.institution | Centre for AI and Robotics Research | |
dc.contributor.institution | Department of Computer Science | |
dc.contributor.institution | School of Physics, Engineering & Computer Science | |
dc.contributor.institution | Cybersecurity and Computing Systems | |
dc.contributor.institution | Networks and Security Research Centre | |
rioxxterms.versionofrecord | 10.1109/ICITST.2014.7038825 | |
rioxxterms.type | Other | |
herts.preservation.rarelyaccessed | true | |