Continuous evaluation of user behaviour against baseline metrics will power a new approach to authentication that lies at the heart of a joint project between Victoria's RMIT University and software giant CA Technologies that was this week ramped up with the awarding of Australian Research Council (ARC) funding.
The project focuses on the alignment of risk adaptation and continuous authentication, two areas where the project's proponents have identified a need for focus in delivering better forms of authentication and user management.
RMIT University professors Serdar Boztas, Asha Rao, Kathy Horadam and Lewi Stone, who have been conducting research since May, will join forces with CA's Melbourne-based CA Labs research arm to develop new techniques for user authentication based on continuously evaluating security risk profiles and measuring the behavioural consistency of a user against previously observed behaviour.
By identifying “high-risk behaviour patterns”, continuous authentication will “provide a higher level of confidence around who the user is, without causing disruption to the user,” a research spokesperson said.
“Users typically authenticate to any given system only once – when they first access it (e.g. through providing a password or fingerprint),” their ARC filing, numbered LP140100698, says.
“The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone.”
The joint project “will develop a continuous authentication approach based on user behaviour – typical interactions plus biometrics (e.g. keystroke dynamics) – combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.”
New methods of user authentication are rapidly gaining currency as poor account and identity management are fingered in an ever-growing list of successful security breaches.
The recent hack of infidelity site Ashley Madison, for example, was attributed by Noel Biderman, chief executive of parent company Avid Life, to “a person here that was not an employee but certainly had touched our technical services”.
Research from identity-management firm Centrify highlighted the importance of better user authentication: its recent State of the Corporate Perimeter survey found that 55 percent of IT decision makers had previously suffered a security breach, and 59 percent said they had shared access credentials with other employees at least somewhat often.
Some 52 percent of respondents said they shared access with contractors at least somewhat often, with 82 percent saying it would be “at least somewhat easy” for contractors to access the company's digital assets. Fully 53 percent said former employees would be able to easily log in and access data.
A follow-up survey conducted amongst Australian IT managers found they felt besieged by attackers and that identity management was the key to improving the situation.
The RMIT-CA Labs project is the third successful ARC application for CA's local research arm, whose vice president of research Steve Versteeg called the awards a “testament to our focus on projects that are strategically important to Australia and information security in general, our commitment to the programs recommended, the quality of our proposal and of course, this team’s proven ability to deliver.”
The grant involves financial and in-kind funding from CA Technologies, the ARC and RMIT.
This article is brought to you by Enex TestLab, content directors for CSO Australia.