Show simple item record

Files in this item

Thumbnail

Item metadata

dc.contributor.authorConstantinides, Argyris
dc.contributor.authorBelk, Marios
dc.contributor.authorFidas, Christos
dc.contributor.authorBeumers, Roy
dc.contributor.authorVidal, David
dc.contributor.authorHuang, Wanting
dc.contributor.authorKuster Filipe Bowles, Juliana
dc.contributor.authorWebber, Thais
dc.contributor.authorSilvina, Agastya
dc.contributor.authorPitsillides, Andreas
dc.date.accessioned2022-10-31T15:30:24Z
dc.date.available2022-10-31T15:30:24Z
dc.date.issued2022-10-12
dc.identifier.citationConstantinides , A , Belk , M , Fidas , C , Beumers , R , Vidal , D , Huang , W , Kuster Filipe Bowles , J , Webber , T , Silvina , A & Pitsillides , A 2022 , ' Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations ' , ACM Transactions on Computing for Healthcare , vol. Just Accepted . https://doi.org/10.1145/3564610en
dc.identifier.issn2691-1957
dc.identifier.otherPURE: 281699889
dc.identifier.otherPURE UUID: 135cbfa7-6bf6-4f46-bf80-3647d74714cf
dc.identifier.otherORCID: /0000-0002-8091-6021/work/121754252
dc.identifier.otherORCID: /0000-0002-5918-9114/work/121754423
dc.identifier.urihttp://hdl.handle.net/10023/26280
dc.descriptionFunding information: This research has been partially supported by the EU Horizon 2020 Grant 826278 "Securing Medical Data in Smart Patient-Centric Healthcare Systems" (Serums) , and the Research and Innovation Foundation (Project DiversePass: COMPLEMENTARY/0916/0182).en
dc.description.abstractThis paper proposes a user-adaptable and personalized authentication paradigm for healthcare organizations, which anticipates to seamlessly reflect patients’ episodic and autobiographical memories to graphical and textual passwords aiming to improve the security strength of user-selected passwords and provide a positive user experience. We report on a longitudinal study that spanned over three years in which three public European healthcare organizations participated in order to design and evaluate the aforementioned paradigm. Three studies were conducted (n=169) with different stakeholders: i) a verification study aiming to identify existing authentication practices of the three healthcare organizations with diverse stakeholders (n=9); ii) a patient-centric feasibility study during which users interacted with the proposed authentication system (n=68); and iii) a human guessing attack study focusing on vulnerabilities among people sharing common experiences within location-aware images used for graphical passwords (n=92). Results revealed that the suggested paradigm scored high with regards to users’ likeability, perceived security, usability and trust, but more importantly it assists the creation of more secure passwords. On the downside, the suggested paradigm introduces password guessing vulnerabilities by individuals sharing common experiences with the end-users. Findings are expected to scaffold the design of more patient-centric knowledge-based authentication mechanisms within nowadays dynamic computation realms.
dc.format.extent45
dc.language.isoeng
dc.relation.ispartofACM Transactions on Computing for Healthcareen
dc.rightsCopyright © 2022 Association for Computing Machinery. This work has been made available online in accordance with publisher policies or with permission. Permission for further reuse of this content should be sought from the publisher or the rights holder. This is the author created accepted manuscript following peer review and may differ slightly from the final published version. The final published version of this work is available at https://doi.org/10.1145/3564610.en
dc.subjectKnowledge-based user authenticationen
dc.subjectGraphical passwordsen
dc.subjectUsabilityen
dc.subjectSecurityen
dc.subjectFeasibility user studyen
dc.subjectHuman guessing attack studyen
dc.subjectQA75 Electronic computers. Computer scienceen
dc.subjectNDASen
dc.subject.lccQA75en
dc.titleSecurity and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizationsen
dc.typeJournal articleen
dc.contributor.sponsorEuropean Commissionen
dc.description.versionPostprinten
dc.contributor.institutionUniversity of St Andrews. School of Computer Scienceen
dc.identifier.doihttps://doi.org/10.1145/3564610
dc.description.statusPeer revieweden
dc.identifier.grantnumberSEP-210512424en


This item appears in the following Collection(s)

Show simple item record