Computer Engineering and Applications ›› 2018, Vol. 54 ›› Issue (6): 19-25.DOI: 10.3778/j.issn.1002-8331.1712-0323

Previous Articles     Next Articles

Review of implicit authentication for mobile devices

XU Guoyu, MIAO Xuna, ZHANG Junfeng, JIANG Tao, MA Xiaofei   

  1. College of Computer and Information Engineering, Henan University of Economics and Law, Zhengzhou 450002, China
  • Online:2018-03-15 Published:2018-04-03


徐国愚,苗许娜,张俊峰,姜  涛,马小飞   

  1. 河南财经政法大学 计算机与信息工程学院,郑州 450002

Abstract: The implicit authentication for mobile devices transparently and continuously authenticates users by monitoring information such as mobile devices environment and user behavior, which can enhance the availability and security of existing authentication mechanisms. This paper introduces the research of implicit authentication schemes. Firstly, the local and network-based architecture is introduced. Secondly, five types of data collection methods are summarized. Thirdly, user identification classification algorithms are introduced, which based on machine learning and so on. The correctness of each algorithm is analyzed and compared. Finally, two types of access control mechanisms are summarized, and the mimicry attacks and privacy leaks of implicit authentication are discussed.

Key words: implicit authentication, mobile device, user behavior, access control, information security

摘要: 面向移动终端的隐式身份认证机制通过监测移动终端环境以及用户行为等信息对用户进行透明且持续地认证,能够增强现有身份认证机制的可用性与安全性。该文对隐式身份认证技术的研究现状进行介绍。介绍了基于本地与基于网络的隐式身份认证框架;归纳总结出五类数据采集方式;对基于机器学习等多种用户分类算法进行了介绍,分析比较了各算法的正确率;归纳出两类访问控制机制,并对隐式身份认证所面临的模拟行为攻击以及用户隐私泄漏安全问题进行了讨论。

关键词: 隐式身份认证, 移动终端, 用户行为, 访问控制, 信息安全