À la Une

Soutenance de thèse Emin Huseynov


M. Emin Huseynov soutiendra en anglais, en vue de l'obtention du grade de docteur en systèmes d'information de la Faculté des sciences de la société, sa thèse intitulée:

Context-Aware Multi-factor Authentication for the Augmented Human

Date: Mardi 12 mai 2020 à 10h15

Lieu: Zoom (instructions de connection en bas de page)

Jury de thèse:

  • Prof. Jean-Henry Morin (Président du jury), CUI, Université de Genève
  • Prof. Giovanna Di Marzo Serugendo (Co-directrice de thèse), CUI, Université de Genève
  • Dr. Jean-Marc Seigneur (Co-directeur de thèse), CUI, Université de Genève  
  • Prof. Sviatoslav Voloshynovskiy, CUI, Université de Genève
  • Prof. Alessandro Aldini, Information Science and Technology Institute, University of Urbino

Multi-factor authentication is currently one of the de-facto standards for systems requiring strong security. In most of the cases, multi-factor authentication is rather complex and not very user-friendly, as it requires additional steps as far as end-users are concerned: e.g. with two-factor authentication, in addition to entering a username and a password (usually considered as a first factor), users need to manually enter an additional code (second factor) that they either receive by text messages, look up in a previously printed list of passwords or generated by a hardware or software token.
An extensive review of potential security risks that multi-factor authentication is capable of mitigating is a significant part of this thesis. The thesis will review phishing as one of the biggest end-user targeted attacks and describe the security risks as well as modern methods of such attacks that can potentially lead to theft of sensitive data, such as user credentials, passwords and/or credit card information.
The main purpose of this research is to review existing multi-factor authentication systems, primarily in corporate applications, and overcome existing gaps and shortcomings with introducing contexts of various types of additional authentication factors. Context as a word means the influence factors and events related to a particular situation. In our case, the meaning remains the same, it is only worth mentioning that in the situation we are applying the context - it is namely the user authentication operation or sequence of operations.
Also, the goal of this research is to make the process user-friendly and possible to use with Augmented Human technologies while keeping the level of security at the highest level possible. This is to be achieved by both improving existing systems after critical evaluation, as well as proposing new solutions that can improve user experience with multi-factor authentication. In addition to improving client-side techniques such as hardware or software tokens and the methods of transmitting the additional authentication factors, server-side implementations will also be reviewed. This would allow introducing multi-factor authentication in systems that are not natively supporting more than one authentication factors.
During this research, a complex and comprehensive approach to multi-factor authentication is to be used to cover all aspects and security concerns of each and every solution and potential security risk. The research will cover different components of such authentication systems such as end-user facing components including but not limited to devices and software, methods of transferring authentication factors from such devices and software to main authentication stations and, finally, the authentication servers destined to verify the additional factors submitted by users.
The focus of this work is to improve and minimize (ideally to zero) user interaction required to authenticate using additional authentication factors. User experience improvement is researched not only in the context of authentication processes (i.e. logging in to end systems with multifactor authentication enabled) but also the user enrollment procedures as well, so the review of administrative effort to enable strong security for end-users in corporate environments will be considered as the complexity factor. Researches toward enabling fully self-service enrollment for end users are also meant to review possible solutions to minimize administrative burden of the process.
In addition to classic authentication factors such as hardware tokens, this thesis will research modern solutions, many being in line with the Augmented Human concept such as solutions introducing additional innovative context factors, hence the title. The concept of using Augmented Human technologies in multifactor authentication is mainly based on using factors belonging to a user as a human being as additional authentication factors. Examples of such factors are properties such as the biometric characteristics, the physical path of the person’s movements, the sound he/she produces or surrounded with.
As a part of this research, a user acceptance survey was also conducted in order to validate the user experience of modern multifactor authentication systems used by widely used corporate enterprise solutions such as Microsoft Office 365, Citrix XenApp, Google Suite, Duo and similar.
The survey was conducted in a form of a comparison between using classic authentication methods and modern authentication solutions proposed as innovations within this research. The results of the survey, presented in Chapter 5, are showing higher user acceptance of the proposed novel solutions compared to classic approach.

Pour participer à la réunion Zoom:

ID de réunion : 456 123 2020
Mot de passe : 007
Une seule touche sur l’appareil mobile
+41225910005,,4561232020#,,#,007# Suisse
+41225910156,,4561232020#,,#,007# Suisse

Composez un numéro en fonction de votre emplacement
        +41 22 591 00 05 Suisse
        +41 22 591 01 56 Suisse
        +41 31 528 09 88 Suisse
        +41 43 210 70 42 Suisse
        +41 43 210 71 08 Suisse
        +33 1 7037 2246 France
        +33 1 7037 9729 France
        +33 1 7095 0103 France
        +33 1 7095 0350 France
        +33 7 5678 4048 France
ID de réunion : 456 123 2020
Mot de passe : 007
Trouvez votre numéro local : https://unige.zoom.us/u/adurgKQF8F

Participer à l’aide d’un protocole SIP

Participer à l’aide d’un protocole H.323 (US West) (US East) (EMEA)
Mot de passe : 007
ID de réunion : 456 123 2020

Participer via Skype Entreprise