What is it about?

Passwords continue to dominate the authentication landscape, while One Time Passwords (OTPs) provided by apps are increasingly used as a second factor. Although several alternatives have been developed, very few take usability into account. Even fewer alternatives consider special conditions of authentication, like disabilities and other input restrictions, typical for healthcare workers. In this paper, we show shortcomings using the example of different stages within the care cycle. Generalized requirements are used to evaluate existing authentication mechanisms. These findings result in the design of a matrix showing different authentication methods and requirements. The matrix can be used to identify the best-fitting authentication mechanisms based on the needs of the scenario. Not only can the first factor be identified, but the matrix also helps to select additional well-fitting authentication mechanisms for a specific scenario. The designed matrix is demonstrated in practice by applying it to the care cycle with different cyber-physical systems (CPS).

Why is it important?

Identity management can and should be a means of inclusion. At the same time, access is also one key success factor for digital inclusion. This means connectivity, affordability, and accessibility are key success factors for digital identities and, consequently, authentication. Authentication should be usable for different persons in different, sometimes challenging situations. But is this the case? We especially focus on multiple interrelated situations in the healthcare cycle with special conditions for authentication and their requirements, due to a necessary trade-off between usability and security for these complex systems. By addressing the gathered challenges, we obtain a better overview. The aim of this work is to provide a matrix serving as a decision-making tool for selecting suitable authentication mechanisms. We explicitly focus on covering aspects arising from special and challenging conditions. The proposed matrix allows authentication mechanisms, combinations, and fallbacks to be selected systematically. By providing suitable authentic

Perspectives

The matrix consists of authentication mechanisms and weighted fulfillment of requirements. With this matrix, a first as well as a second factor can be chosen. This is shown by applying the four real-world situations in our scenario, which were used to extract requirements. In order to choose a specific authentication mechanism, more work needs to be done. The weighted requirements can guide not only in scenarios with special conditions, but everywhere guidance is needed. As a result, all stakeholders can profit from this matrix, which includes different approaches and requirements and is flexible enough for future approaches. A more thorough user study is planned in future work with a special focus on the area of blue light organizations and especially hospital environments, where we maintain good relations from several projects.

Daniela Pöhn
Universität der Bundeswehr München

Read the Original

This page is a summary of: A Matrix for Systematic Selection of Authentication Mechanisms in Challenging Healthcare related Environments, April 2021, ACM (Association for Computing Machinery),
DOI: 10.1145/3445969.3450424.