Social Authentication: Harder Than It Looks
نویسندگان
چکیده
A number of web service firms have started to authenticate users via their social knowledge, such as whether they can identify friends from photos. We investigate attacks on such schemes. First, attackers often know a lot about their targets; most people seek to keep sensitive information private from others in their social circle. Against close enemies, social authentication is much less effective. We formally quantify the potential risk of these threats. Second, when photos are used, there is a growing vulnerability to face-recognition algorithms, which are improving all the time. Network analysis can identify hard challenge questions, or tell a social network operator which users could safely use social authentication; but it could make a big difference if photos weren’t shared with friends of friends by default. This poses a dilemma for operators: will they tighten their privacy default settings, or will the improvement in security cost too much revenue?
منابع مشابه
An Analysis of Social Network Connect Services
Social network platforms are increasingly becoming identity providers and a media for showing multiple types of activity from third-party web sites. In this article, we analyze the services provided by seven of the most popular social network platforms. Results show OAuth emerging as the authentication and authorization protocol, giving support to three types of APIs, client-side or Javascript,...
متن کاملSort out Your Neighbourhood: Public Good Games on Dynamic Networks
Axelrod (1984) and others explain how cooperation can emerge in repeated 2-person prisoner's dilemmas. But in public good games with anonymous contributions, we expect a breakdown of cooperation because direct reciprocity fails. However, if agents are situated in a social network determining which agents interact, and if they can in uence the network, then cooperation can be a viable strategy. ...
متن کاملHuman infants' learning of social structures: the case of dominance hierarchy.
We tested 15-month-olds' capacity to represent social-dominance hierarchies with more than two agents. Our results showed that infants found it harder to memorize dominance relations that were presented in an order that hindered the incremental formation of a single structure (Study 1). These results suggest that infants attempt to build structures incrementally, relation by relation, thereby s...
متن کاملAuthorization and Charging in Public WLANs Using FreeBSD and 802.1x
The IEEE 802.1x standard defines a link-layer level authentication protocol for local area networks. While originally designed to authenticate users in a switched Ethernet environment, it looks like the most important need for 802.1x lies in wireless networks, especially IEEE 802.11b based Wireless LANs. Furthermore, due to the flexibility of the Extensible Authentication Protocol (EAP), the he...
متن کاملImplementing Choice Based Graphical Password Authentication in Social Networking Site
Information security is supported largely by passwords which are the principle part of the authentication process. To overcome the vulnerabilities of traditional methods, choice based graphical password schemes have been developed. This paper provides guidelines for implementing an authentication system for data security at profile login in context to social networking sites. The proposed frame...
متن کامل