|
Property | Description |
|
Adaptation |
Object to adapt | Authentication mechanism. In the demo case password based authentication is enforced when the sufficient authentication level is not reached from the location information. |
Adaptation timing | Runtime and reactive |
Monitoring and analyses | Locations of user’s devices and timestamps are monitored by means of context management framework. The ULPC analyses monitor results by means of the developed fusion algorithms. Additional analyses are left for the application and not described in the paper. Hence, the application concludes the current authentication level. |
Planning and execution | Each application has to contain its own planning and execution mechanism. Hence, these phases are left for the application developer. |
Knowledge | Monitored attributes are selected beforehand, and the fusion algorithm contains knowledge for analyses. Moreover, planning and execution is intended to occur inside the application. Thus, the approach does not contain separated knowledge storage. |
Self-properties | Self-configuration, that is, the approach selects among different authentication alternatives. Context awareness, that is, the approach monitors user’s location and time. |
|
Security |
Attributes | Authentication |
Mechanisms | The approach makes it possible to select alternative user authentication mechanisms if the location based authentication does not offer reasonable authentication level. |
Protected asset | User’s identity |
Threats | Identity theft |
|
Lifecycle |
Architecture | Separated components for context monitoring and user’s location analysing. These components are independent from the application. However, structure for additional analyses and adaptation planning is not described. |
Extensibility | The whole approach is intended for authentication adaptation, and thus extending the approach will be laborious. The approach can be seen as a potential extension for other security adaptation approaches. Especially those that already contain analysing and planning components. |
Flexibility | The used context information includes location and timestamps. The approach is strongly related to this information, and using different context information needs new algorithms and components. |
Reusability | Presented components are not coupled to the application logic and interfaces are clear. Thus, reusing will be easy. |
Maturity | Authors validated the approach with a laboratory case, called Buddy spotter application. In the case example, a user is able to see her current authentication level and which mechanisms are used in authentication. User is able to set a minimal authentication level that her buddies have to reach in order to get user’s information. The use of the fusion algorithm is simulated. Information is available in the related publications. Implementation guidelines or available software components are not mentioned. However, the publications give descriptions of fusion algorithms. Thus, the algorithms can be implemented based on available information. The latest article from the approach appeared in 2011. The software community or code libraries are not available. |
|