
Location-Based User Authentication

2015-08-13 15:00
Paper read: Where Have You Been? Using Location-Based Security Questions for Fallback Authentication

Introduction

This paper presents a new way to verify a user's identity for password recovery after the password has been lost. Most traditional methods are based on personal information:

Sending a confirmation link to your e-mail: the drawback is that you may no longer have access to that mailbox (it makes the email account a single point of failure);
Sending a verification code by SMS: the drawback is that some users are unwilling to hand over their phone number (mobile phone numbers are sensitive information);
Answering security questions whose answers were set at enrollment: the drawback is that they are either hard to remember or easy to break (easy to remember are often easy to guess);
Social authentication through trusted contacts: users may forget who their designated friends were (users could not recall the name of the social contacts they had provided during enrollment).

Location-based security questions were proposed long ago, but the authors contribute a new way of answering them: the user selects a place on a map instead of describing it in words. The innovation is in how the answer is provided rather than in the question itself (Most research so far has focused on the design on question level, neglecting the way the answer is provided). Their argument is that the detail on the map cues the user's memory (favor cued-based recall over free recall). At a later verification, a selected point that lies within a fixed distance (e.g. 30 m) of the point chosen at enrollment counts as correct. The authors consider this a good balance between memorability and usability: the globe offers enough candidate points, and the map helps the user recall the one chosen. Location-based security questions also perform well in their own right, because one question bundles several pieces of information (for example, to answer "where is your mother's home town?" an attacker must first know who your mother is, and then where she lives).

The paper evaluates every variant of the approach in great detail:

Question forms: preset questions, guided questions, and fully free-form questions
Question design: young students with a good educational background from different fields were recruited
Users: men and women, from teenagers to middle-aged and older adults
Attackers: acquaintances, acquaintances allowed to use search tools, and security experts

Conclusions

Best question form: guided questions. Preset questions leave little room for personalisation, and with open questions users do not know what to set (Nonetheless, guided questions appear to be the most promising ones of the three.)
Most dangerous adversary: someone who shares the same or similar experiences as you (The biggest threats from adversaries that share the same or similar experiences.)
How users pick locations: answers cluster within one region, while the space an attacker has to guess over is very large (Despite the fact that most answers were clustered within a geographical region centered around the user's hometown, most adversaries were not able to guess the answer.)
Best experimental configuration: a threshold of 45 m, with the user required to answer 2 of 3 verification questions correctly. I would add that the paper is from Germany, so results may differ for Chinese users and would need to be tested specifically; after all, our population density, land area and economic level are all different.
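The matching rule described above (a selected point counts as correct when it lies within a distance threshold of the enrolled point, and the attempt succeeds when at least 2 of 3 questions are answered correctly) is easy to state but worth seeing in code, because the threshold interacts with how precisely a user can click on a map. The following Python sketch is an added example, not code from the paper or from this post: it uses the haversine great-circle distance as a geodesic approximation, takes the 30 m and 45 m thresholds and the 2-of-3 rule from the text as parameters, and adds a Web Mercator metres-per-pixel helper to show why users who zoom out assume the system is more tolerant than it is. All coordinates, the `Point`/`verify_attempt`/`metres_per_pixel` names and the 256-px tile size are constructed assumptions for the example.

```python
"""Location-answer matching for fallback authentication (added example).

Constructed illustration of the rule described in the post: an answer is
correct when the point picked on the map lies within a distance threshold
of the point chosen at enrollment, and the attempt succeeds when at least
`required` questions are answered correctly. Coordinates are made up for
the example; the 30 m / 45 m thresholds and the 2-of-3 rule are the values
quoted in the post, not data taken from the paper's dataset.
"""
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000.0  # mean Earth radius, spherical approximation


@dataclass(frozen=True)
class Point:
    lat: float  # degrees
    lon: float  # degrees


def haversine_m(a: Point, b: Point) -> float:
    """Great-circle distance in metres (haversine; ample accuracy at tens of metres)."""
    phi1, phi2 = math.radians(a.lat), math.radians(b.lat)
    dphi = math.radians(b.lat - a.lat)
    dlam = math.radians(b.lon - a.lon)
    h = math.sin(dphi / 2) ** 2 + math.cos(phi1) * math.cos(phi2) * math.sin(dlam / 2) ** 2
    h = min(1.0, h)  # guard against floating-point overshoot near antipodes
    return 2 * EARTH_RADIUS_M * math.atan2(math.sqrt(h), math.sqrt(1 - h))


def answer_correct(enrolled: Point, selected: Point, threshold_m: float) -> bool:
    """One question is correct when the selection is within threshold_m of enrollment."""
    return haversine_m(enrolled, selected) <= threshold_m


def verify_attempt(pairs, threshold_m: float, required: int = 2):
    """pairs: list of (enrolled, selected). Returns (accepted, correct_count).

    Every question's distance is computed before the decision, so neither the
    response nor its timing reveals which individual answer was wrong.
    """
    correct = sum(answer_correct(e, s, threshold_m) for e, s in pairs)
    return correct >= required, correct


def metres_per_pixel(lat_deg: float, zoom: int, tile_px: int = 256) -> float:
    """Ground resolution of a Web Mercator tile at this latitude and zoom (assumed 256-px tiles).

    At zoom 12 near 48 N one pixel is roughly 25 m, so a two-pixel slip already
    exceeds a 45 m threshold; the UI should keep users zoomed in when answering.
    """
    return 2 * math.pi * EARTH_RADIUS_M * math.cos(math.radians(lat_deg)) / (tile_px * 2 ** zoom)


# Constructed sample: three enrolled answers and the user's later selections.
SAMPLE_ATTEMPT = [
    (Point(48.1500, 11.5800), Point(48.1503, 11.5800)),  # ~33 m north of enrolled point
    (Point(52.5200, 13.4050), Point(52.5200, 13.4055)),  # ~34 m east of enrolled point
    (Point(50.1109, 8.6821), Point(50.1209, 8.6821)),    # ~1.1 km off: a wrong answer
]

if __name__ == "__main__":
    for thr in (30.0, 45.0):
        ok, n = verify_attempt(SAMPLE_ATTEMPT, thr)
        print(f"threshold {thr:>4} m: {n}/3 correct -> {'accept' if ok else 'reject'}")
    print(f"{metres_per_pixel(48.15, 15):.1f} m/px at zoom 15, "
          f"{metres_per_pixel(48.15, 12):.1f} m/px at zoom 12")
```

With the sample data the same three selections are accepted at 45 m (2 of 3 correct) and rejected at 30 m (0 of 3), which is exactly the sensitivity to the threshold that the paper's evaluation had to settle, and the pixel helper makes the "imprecise selection" failure mode in the paper concrete: tolerance in metres only means something to the user once it is translated into pixels at the zoom level they actually clicked at.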

Strengths

A success rate of over 90%, with room to improve: but leave room for improvements with respect to the usability of the approach.

Well-educated participants were recruited for the question design: Participants were aged between 18-26 years (average: 22 years) and were all students with a background in natural sciences (i.e. computer science, physics and medical engineering).

A sound incentive scheme: As incentives, participants received gift vouchers of 20 for users or 5 for close adversaries. In case they acted in both roles, they received 25.

Compliance with local laws and regulations: Furthermore, we paid particular attention that our research complies with the federal (privacy) laws in our country.

A representative user sample: Twenty-eight of them acted as both, user and close adversary. Two participants acted as user only and another two acted as close adversary only. Participants were aged between 17-55 years (average: 26 years). Four of them were high school students, 21 of them were students with different backgrounds (e.g. computer science, business or medicine), 5 were employed (e.g. administration or finance).

Anomalies are reported rather than hidden: However, two users who submitted incorrect answers in the first and second session, managed to answer correctly in the third session. Further interesting remarks were made by two participants who were caught by surprise as the map section that they needed had been updated since their last authentication attempt.

User attitude: > since a positive and realistic attitude toward a system will motivate users to pay some effort when defining location-based security questions.

The results could have been better, for reasons on the users' side: > However, the problem was, in the majority of cases, not caused by memorability reasons or the strict threshold, but by the assumption of the users that the system was more tolerant of imprecise selections.

Test design process: > We presented the design, implementation and evaluation of this approach and tested the location-based security questions under the worst circumstances.