Users with limited use of their hands, such as people suffering from disabilities of the arm, shoulder, and hand (DASH), face challenges when authenticating with computer terminals, specially with publicly accessible terminals such as ATMs. A new glass wearable device was recently introduced by Google and it was immediately welcomed by groups of users, such as the ones described above, as Google Glass allows them to perform actions, like taking a photo, using only verbal commands. This paper investigates whether glass wearable devices can be used to authenticate users, both to grant access (one-time) and to maintain access (continuous), in similar hands-free fashion. We do so by designing and implementing Gauth, a system that enables users to authenticate with a service simply by issuing a voice command, while facing the computer terminal they are going to use to access the service. To achieve this goal, we create a physical communication channel from the terminal to the device using machine readable visual codes, like QR codes, and utilize the device's network adapter to communicate directly with a service. More importantly, we continuously authenticate the user accessing the terminal, exploiting the fact that a user operating a terminal is most likely facing it most of the time. We periodically issue authentication challenges, which are displayed as a QR code on the terminal, that cause the glass device to re-authenticate the user with an appropriate response. We evaluate our system to determine the technical limits of our approach.
翻译:使用手部有限的用户,例如手部、肩膀和手部残疾人(DASH),在与计算机终端进行认证时面临挑战,特别是使用ATM等可公开获取的终端。谷歌最近推出了一个新的玻璃磨损装置,该装置立即受到用户团体的欢迎,如上文所述的用户团体,Google Glas允许他们采取行动,比如拍照,只使用口头指令。本文调查玻璃磨损装置是否可以用于认证用户,既允许(一次性)进入,又保持(连续)使用,使用类似手无阻的方式。我们这样做的方式是设计和实施Gauth,这个系统使用户能够仅通过发出语音指令来认证服务。为了实现这一目标,我们用机器可读的视觉代码(如QR代码),从终端到设备,我们创建了一个有形的通信频道,我们使用该装置的网络调整器直接与服务进行沟通。更重要的是,我们不断验证用户进入终端的时间,通过发布语音指令,从而可以定期显示用户的终端功能。
相关内容
Source: Apple - iOS 8
微信扫码咨询专知VIP会员