Location-enhanced authentication using the IoT because you cannot be in two places at once
Paper i proceeding, 2016

User location can act as an additional factor of authentication in scenarios where physical presence is required, such as when making in-person purchases or unlocking a vehicle. This paper proposes a novel approach for estimating user location and modeling user movement using the Internet of Things (IoT). Our goal is to utilize its scale and diversity to estimate location more robustly, than solutions based on smartphones alone, and stop adversaries from using compromised user credentials (e.g., stolen keys, passwords, etc.), when sufficient evidence physically locates them elsewhere. To locate users, we leverage the increasing number of IoT devices carried and used by them and the smart environments that observe these devices. We also exploit the ability of many IoT devices to "sense" the user. To demonstrate our approach, we build a system, called Icelus. Our experiments with it show that it exhibits a smaller false-rejection rate than smartphone-based location-based authentication (LBA) and it rejects attackers with few errors (i.e., false acceptances). © 2016 ACM.

Location-based services

Internet of things




I. Agadakos

Stevens Institute of Technology

Per Hallgren

Chalmers, Data- och informationsteknik, Programvaruteknik

D. Damopoulos

Stevens Institute of Technology

Andrei Sabelfeld

Chalmers, Data- och informationsteknik, Programvaruteknik

G. Portokalidis

Stevens Institute of Technology

ACM International Conference Proceeding Series

Vol. 5 251-264


Hållbar utveckling


Datavetenskap (datalogi)