Abstract
Mobile devices, in the form of smartphones and tablet computers, are going through an amazing growth cycle. The devices are powerful and robust enough to house an incredible amount of sensitive data about our personal and business lives. These devices, however, have relatively weak authentication systems, generally consisting of a pin number or pattern matching challenge. In addition to the weak authentication systems, the input mechanism of using a finger on a touchscreen leaves a residue trail that can be easily recovered, allowing an attacker to recover some or all of the authentication code. This thesis examines the strengths and weaknesses of the authentication systems available on iOS and Android systems. It then looks for alternative improved solutions by examining the array of sensor technologies on current mobile devices. Three improved solutions are presented, including a dynamic touchscreen pattern that removes the ability for a smudge attack, a forced rotation authentication screen that obfuscates input patterns, and a GPS enabled system that reduces authentication requirements when in a designated "safe zone".
Library of Congress Subject Headings
Mobile computing--Security measures; Digital signatures
Publication Date
2-1-2012
Document Type
Thesis
Student Type
- Please Select One -
Advisor
Border, Charles
Advisor/Committee Member
Pan, Yin
Advisor/Committee Member
O'Donnell, Joe
Recommended Citation
Pinch, Michael, "Improving security and usability of mobile device authentication mechanisms" (2012). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/4932
Campus
RIT – Main Campus
Plan Codes
COMPSEC-MS
Comments
Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works in December 2013. Physical copy available through RIT's The Wallace Library at: QA76.59 .P46 2012