Skip to main content

What makes ‘what we are’?


It has long been asserted that there are three components for identity authentication – ‘What We Remember’ (Secret Credential), ‘What We Have’ (Tokens) and ‘What We Are ‘(Body Features).

Feeding a correct secret credential is under our control.  So is presenting a correct token to some extent. But our body features are just beyond our control.  Wouldn’t it be more appropriate to call it ‘What Our Body Features Are’?

What we remember’ and ‘What we have’, which are both deterministic, can be used together in a security-enhancing ‘two-layer’ deployment, whereas probabilistic ‘what our body features are’ can actually be used with another factor only in a security-lowering ‘two-entrance’ deployment.

We practically have two factors of ‘what we remember’ and ‘what we have’ as valid authenticators, with ‘what our body features are’ counted in cyberspace as an optional tool to increase convenience at the sacrifice of security.

It might sound a bit outrageous to the old school who have asserted that ‘what we are’ is made of our body features. But we are confident that the public will agree with us at the end of the day.

Click the link for the full text
https://www.linkedin.com/pulse/external-body-features-viewed-what-we-hitoshi-kokumai


Comments

Post a Comment

Popular posts from this blog

Expanded Password System to Complement FIDO2

2 is larger than 1 but is not necessarily stronger than 1, as two children could be overwhelmed by a grown-up. For a two-factor authentication to be really reliable, each factor should be reasonably secure and usable enough. On the other hand, ‘password-less’ authentication, however attractive it might sound, would only benefit bad guys as examined in the link page - https://www.linkedin.com/pulse/removal-passwords-its-security-effect-hitoshi-kokumai/ People who offer a token as 'a factor' of two factor authentication schemes could all be viewed as our potential down-stream partners. Among them are the people who offer FIDO2-compatible solutions. Put together, we could come up with the two-factor authentications that are much more reliable than otherwise.
Post a Comment
Read more

Quest for Global Ubiquity

We wish to make our Expanded Password System solutions readily available to all the global citizens: rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster. For achieving such global ubiquity, we will need more and more research into such diverse disciplines as psychology, sociology, behavioural economics and brain science in addition to cryptography, safe coding and other security technologies. Your shout would be welcomed if you happen to know researchers who may be interested to include the issue of ‘identity assurance by our own VOLITION and MEMORY’ in their study subjects or if you yourself are interested to join us. We will shortly launch the global operation of promoting Expanded Password System from our headquarters set up in UK and this research program, which should naturally be international, is to play a significant role in it. Linked is my article posted 6 years ago, which might indicate an aspect of what we
Post a Comment
Read more

Biometrics for Increasing and Decreasing Security

https://www.fedscoop.com/phone-cases-security-air-force-disa/ It could be a correct use of biometrics for increasing security if biometrics is used for continuously monitoring the user's voice and behaviors to detect when a bad guy has grabbed the logged-in device from the user. Demand the user's password afresh, and the bad guy could be turned away as discussed here - "Anything used correctly is useful and so are UV, disinfectant and biometrics." https://www.linkedin.com/posts/hitoshikokumai_digital-identity-anything-used-correctly-activity-6663264695664934913-S2FS It could be a wrong use of biometrics for decreasing security if biometrics is used as a second authenticator along with a default password as examined here - "Early models of smartphones were safer than newer models - How come?" https://www.linkedin.com/pulse/early-models-smartphones-were-safer-than-newer-how-come-kokumai Windows Hello for payment authentication would be fi
Post a Comment
Read more