DARPA Seeks New Authentication Methods

I’ve talked many times here about the problems with passwords as a means of authenticating computer users (most recently here and here), and about the search for better alternatives.   Some improvements are available, such as two-factor identification methods, but these have their own issues, and are not always enormously secure, either.

Network World reports on a new effort being launched by DARPA, the Defense Advanced Research Projects Agency, to develop new techniques for authenticating users.  The project, which DARPA calls “Active Authentication”, takes a slightly different approach from most past efforts in this area.

… the agency’s Active Authentication program looks to develop what DARPA calls “novel ways of validating the identity of the person at the console that focus on the unique aspects of the individual through the use of software-based biometrics.”

The “biometrics” that are mentioned here are not the usual ones, like fingerprints or hand geometry, but are drawn from a broader set of user characteristics and behavior.

Active Authorization focuses on the computational behavioral traits that can be observed through how we interact with the world.

Examples of the kinds of user behavior that might be considered as authentication factors include:

  • keystrokes
  • eye scans
  • how the user searches for information (verbs and predicates used)
  • eye tracking on the page
  • speed with which the individual reads the content

Some of this is similar in concept to some earlier work on user profiles for security.  In its current announcement, DARPA emphasizes that the first phase of the project will concentrate on developing techniques that can be implemented without installing additional hardware devices in a standard office environment.  Later phases might consider new types of sensor technology.

This is an intriguing approach.  The use of multiple authentication factors should increase the reliability of the system; also, as DARPA points out, it might help detect intrusions from logged-in workstations left unattended, since the behavioral authentication factors can be measured on an ongoing basis.
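
To make the idea of ongoing measurement concrete, here is a small sketch added for this page; it is not code from DARPA's program or from the Network World report. It uses the keystroke factor from the list above: a per-user profile of key-pair timings is enrolled, and later windows of the same session are scored against it. The function names, the scoring method (mean absolute z-score), the threshold, and all sample timings are assumptions constructed for illustration.

```python
from statistics import mean, pstdev

def enroll(events, min_samples=3):
    """Build a per-digraph timing profile {digraph: (mean_ms, std_ms)}."""
    by_digraph = {}
    for digraph, ms in events:
        by_digraph.setdefault(digraph, []).append(ms)
    # Floor the deviation so one unusually consistent key pair cannot dominate the score.
    return {d: (mean(v), max(pstdev(v), 5.0))
            for d, v in by_digraph.items() if len(v) >= min_samples}

def score(window, profile, min_known=4):
    """Mean absolute z-score of a window against the profile; None if evidence is too thin."""
    zs = [abs(ms - profile[d][0]) / profile[d][1] for d, ms in window if d in profile]
    return mean(zs) if len(zs) >= min_known else None

def monitor(stream, profile, size=6, threshold=3.0):
    """Score consecutive windows of a live session; return start indexes of anomalous ones."""
    alerts = []
    for start in range(0, len(stream) - size + 1, size):
        s = score(stream[start:start + size], profile)
        if s is not None and s > threshold:
            alerts.append(start)  # a real system would lock or re-challenge here
    return alerts

# Constructed sample data: (digraph, milliseconds between the two key presses).
DIGRAPHS = ["th", "he", "in", "er", "an", "re"]
BASE = {"th": 90, "he": 110, "in": 130, "er": 100, "an": 120, "re": 140}
JITTER = [-8, 4, 0, 6, -4]

ENROLLMENT = [(d, BASE[d] + j) for j in JITTER for d in DIGRAPHS]
OWNER = [(d, BASE[d] + 5) for d in DIGRAPHS] * 2   # the enrolled user keeps typing
OTHER = [(d, BASE[d] + 80) for d in DIGRAPHS]      # someone else at the unattended console
SESSION = OWNER + OTHER

if __name__ == "__main__":
    profile = enroll(ENROLLMENT)
    print("anomalous windows start at:", monitor(SESSION, profile))
```

The `None` return from `score` matters in practice: a window with too few known key pairs should be treated as "no decision" rather than as a match or a mismatch.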
