Visible to the public MAFIA: Multi-Layered Architecture For IoT-Based Authentication

TitleMAFIA: Multi-Layered Architecture For IoT-Based Authentication
Publication TypeConference Paper
Year of Publication2020
AuthorsJain, Pranut, Pötter, Henrique, Lee, Adam J., Mósse, Daniel
Conference Name2020 Second IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)
Keywordsauthentication, Complexity theory, deployment, energy consumption, face recognition, Human Behavior, human factors, Internet-of-Things, Metrics, multifactor authentication, privacy, pubcrawl, resilience, Resiliency, security, usability
AbstractMulti-factor authentication (MFA) systems are being deployed for user authentication in online and personal device systems, whereas physical spaces mostly rely on single-factor authentication; examples are entering offices and homes, airport security, and classroom attendance. The Internet of Things (IoT) growth and market interest has created a diverse set of low-cost and flexible sensors and actuators that can be used for MFA. However, combining multiple authentication factors in a physical space adds several challenges, such as complex deployment, reduced usability, and increased energy consumption. We introduce MAFIA (Multi-layered Architecture For IoT-based Authentication), a novel architecture for co-located user authentication composed of multiple IoT devices. In MAFIA, we improve the security of physical spaces while considering usability, privacy, energy consumption, and deployment complexity. MAFIA is composed of three layers that define specific purposes for devices, guiding developers in the authentication design while providing a clear understanding of the trade-offs for different configurations. We describe a case study for an Automated Classroom Attendance System, where we evaluated three distinct types of authentication setups and showed that the most secure setup had a greater usability penalty, while the other two setups had similar attributes in terms of security, privacy, complexity, and usability but varied highly in their energy consumption.
DOI10.1109/TPS-ISA50397.2020.00035
Citation Keyjain_mafia_2020