Files in this item
Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations
Item metadata
dc.contributor.author | Constantinides, Argyris | |
dc.contributor.author | Belk, Marios | |
dc.contributor.author | Fidas, Christos | |
dc.contributor.author | Beumers, Roy | |
dc.contributor.author | Vidal, David | |
dc.contributor.author | Huang, Wanting | |
dc.contributor.author | Kuster Filipe Bowles, Juliana | |
dc.contributor.author | Webber, Thais | |
dc.contributor.author | Silvina, Agastya | |
dc.contributor.author | Pitsillides, Andreas | |
dc.date.accessioned | 2022-10-31T15:30:24Z | |
dc.date.available | 2022-10-31T15:30:24Z | |
dc.date.issued | 2023-01-01 | |
dc.identifier | 281699889 | |
dc.identifier | 135cbfa7-6bf6-4f46-bf80-3647d74714cf | |
dc.identifier | 85150980656 | |
dc.identifier.citation | Constantinides , A , Belk , M , Fidas , C , Beumers , R , Vidal , D , Huang , W , Kuster Filipe Bowles , J , Webber , T , Silvina , A & Pitsillides , A 2023 , ' Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations ' , ACM Transactions on Computing for Healthcare , vol. 4 , no. 1 . https://doi.org/10.1145/3564610 | en |
dc.identifier.issn | 2691-1957 | |
dc.identifier.other | ORCID: /0000-0002-8091-6021/work/121754252 | |
dc.identifier.other | ORCID: /0000-0002-5918-9114/work/121754423 | |
dc.identifier.uri | https://hdl.handle.net/10023/26280 | |
dc.description | Funding: This research has been partially supported by the EU Horizon 2020 Grant 826278 "Securing Medical Data in Smart Patient-Centric Healthcare Systems" (Serums) , and the Research and Innovation Foundation (Project DiversePass: COMPLEMENTARY/0916/0182). | en |
dc.description.abstract | This paper proposes a user-adaptable and personalized authentication paradigm for healthcare organizations, which anticipates to seamlessly reflect patients’ episodic and autobiographical memories to graphical and textual passwords aiming to improve the security strength of user-selected passwords and provide a positive user experience. We report on a longitudinal study that spanned over three years in which three public European healthcare organizations participated in order to design and evaluate the aforementioned paradigm. Three studies were conducted (n=169) with different stakeholders: i) a verification study aiming to identify existing authentication practices of the three healthcare organizations with diverse stakeholders (n=9); ii) a patient-centric feasibility study during which users interacted with the proposed authentication system (n=68); and iii) a human guessing attack study focusing on vulnerabilities among people sharing common experiences within location-aware images used for graphical passwords (n=92). Results revealed that the suggested paradigm scored high with regards to users’ likeability, perceived security, usability and trust, but more importantly it assists the creation of more secure passwords. On the downside, the suggested paradigm introduces password guessing vulnerabilities by individuals sharing common experiences with the end-users. Findings are expected to scaffold the design of more patient-centric knowledge-based authentication mechanisms within nowadays dynamic computation realms. | |
dc.format.extent | 40 | |
dc.format.extent | 1272027 | |
dc.language.iso | eng | |
dc.relation.ispartof | ACM Transactions on Computing for Healthcare | en |
dc.subject | Knowledge-based user authentication | en |
dc.subject | Graphical passwords | en |
dc.subject | Usability | en |
dc.subject | Security | en |
dc.subject | Feasibility user study | en |
dc.subject | Human guessing attack study | en |
dc.subject | QA75 Electronic computers. Computer science | en |
dc.subject | NDAS | en |
dc.subject | SDG 3 - Good Health and Well-being | en |
dc.subject | MCC | en |
dc.subject.lcc | QA75 | en |
dc.title | Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations | en |
dc.type | Journal article | en |
dc.contributor.sponsor | European Commission | en |
dc.contributor.institution | University of St Andrews. School of Computer Science | en |
dc.identifier.doi | 10.1145/3564610 | |
dc.description.status | Peer reviewed | en |
dc.identifier.grantnumber | SEP-210512424 | en |
This item appears in the following Collection(s)
Items in the St Andrews Research Repository are protected by copyright, with all rights reserved, unless otherwise indicated.