An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks

William Aiken; Hyoungshick Kim; Jungwoo Ryoo; Mary Beth Rosson

doi:10.1109/PST.2018.8514215

An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks

William Aiken, Hyoungshick Kim, Jungwoo Ryoo, Mary Beth Rosson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.

Original language	English (US)
Title of host publication	2018 16th Annual Conference on Privacy, Security and Trust, PST 2018
Editors	Robert H. Deng, Stephen Marsh, Jason Nurse, Rongxing Lu, Sakir Sezer, Paul Miller, Liqun Chen, Kieran McLaughlin, Ali Ghorbani
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9781538674932
DOIs	https://doi.org/10.1109/PST.2018.8514215
State	Published - Oct 29 2018
Event	16th Annual Conference on Privacy, Security and Trust, PST 2018 - Belfast, Northern Ireland, United Kingdom Duration: Aug 28 2018 → Aug 30 2018

Publication series

Name	2018 16th Annual Conference on Privacy, Security and Trust, PST 2018

Conference

Conference	16th Annual Conference on Privacy, Security and Trust, PST 2018
Country/Territory	United Kingdom
City	Belfast, Northern Ireland
Period	8/28/18 → 8/30/18

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Information Systems and Management
Safety, Risk, Reliability and Quality

Access to Document

10.1109/PST.2018.8514215

Cite this

Aiken, W., Kim, H., Ryoo, J., & Rosson, M. B. (2018). An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. In R. H. Deng, S. Marsh, J. Nurse, R. Lu, S. Sezer, P. Miller, L. Chen, K. McLaughlin, & A. Ghorbani (Eds.), 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018 Article 8514215 (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/PST.2018.8514215

Aiken, William ; Kim, Hyoungshick ; Ryoo, Jungwoo et al. / An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018. editor / Robert H. Deng ; Stephen Marsh ; Jason Nurse ; Rongxing Lu ; Sakir Sezer ; Paul Miller ; Liqun Chen ; Kieran McLaughlin ; Ali Ghorbani. Institute of Electrical and Electronics Engineers Inc., 2018. (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018).

@inproceedings{51a4b3b1d69341c2adfc120cc7f3b3ee,

title = "An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks",

abstract = "This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.",

author = "William Aiken and Hyoungshick Kim and Jungwoo Ryoo and Rosson, {Mary Beth}",

note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 16th Annual Conference on Privacy, Security and Trust, PST 2018 ; Conference date: 28-08-2018 Through 30-08-2018",

year = "2018",

month = oct,

day = "29",

doi = "10.1109/PST.2018.8514215",

language = "English (US)",

series = "2018 16th Annual Conference on Privacy, Security and Trust, PST 2018",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

editor = "Deng, {Robert H.} and Stephen Marsh and Jason Nurse and Rongxing Lu and Sakir Sezer and Paul Miller and Liqun Chen and Kieran McLaughlin and Ali Ghorbani",

booktitle = "2018 16th Annual Conference on Privacy, Security and Trust, PST 2018",

address = "United States",

}

Aiken, W, Kim, H, Ryoo, J & Rosson, MB 2018, An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. in RH Deng, S Marsh, J Nurse, R Lu, S Sezer, P Miller, L Chen, K McLaughlin & A Ghorbani (eds), 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018., 8514215, 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018, Institute of Electrical and Electronics Engineers Inc., 16th Annual Conference on Privacy, Security and Trust, PST 2018, Belfast, Northern Ireland, United Kingdom, 8/28/18. https://doi.org/10.1109/PST.2018.8514215

An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. / Aiken, William; Kim, Hyoungshick; Ryoo, Jungwoo et al.
2018 16th Annual Conference on Privacy, Security and Trust, PST 2018. ed. / Robert H. Deng; Stephen Marsh; Jason Nurse; Rongxing Lu; Sakir Sezer; Paul Miller; Liqun Chen; Kieran McLaughlin; Ali Ghorbani. Institute of Electrical and Electronics Engineers Inc., 2018. 8514215 (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks

AU - Aiken, William

AU - Kim, Hyoungshick

AU - Ryoo, Jungwoo

AU - Rosson, Mary Beth

PY - 2018/10/29

Y1 - 2018/10/29

N2 - This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.

AB - This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.

UR - http://www.scopus.com/inward/record.url?scp=85063467985&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85063467985&partnerID=8YFLogxK

U2 - 10.1109/PST.2018.8514215

DO - 10.1109/PST.2018.8514215

M3 - Conference contribution

AN - SCOPUS:85063467985

T3 - 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018

BT - 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018

A2 - Deng, Robert H.

A2 - Marsh, Stephen

A2 - Nurse, Jason

A2 - Lu, Rongxing

A2 - Sezer, Sakir

A2 - Miller, Paul

A2 - Chen, Liqun

A2 - McLaughlin, Kieran

A2 - Ghorbani, Ali

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 16th Annual Conference on Privacy, Security and Trust, PST 2018

Y2 - 28 August 2018 through 30 August 2018

ER -

Aiken W, Kim H, Ryoo J, Rosson MB. An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. In Deng RH, Marsh S, Nurse J, Lu R, Sezer S, Miller P, Chen L, McLaughlin K, Ghorbani A, editors, 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018. Institute of Electrical and Electronics Engineers Inc. 2018. 8514215. (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018). doi: 10.1109/PST.2018.8514215

An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this