{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,16]],"date-time":"2026-04-16T04:51:19Z","timestamp":1776315079397,"version":"3.50.1"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030644543","type":"print"},{"value":"9783030644550","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-64455-0_2","type":"book-chapter","created":{"date-parts":[[2020,12,3]],"date-time":"2020-12-03T01:02:56Z","timestamp":1606957376000},"page":"16-32","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["An Interoperable Architecture for Usable Password-Less Authentication"],"prefix":"10.1007","author":[{"given":"Matthew","family":"Casey","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mark","family":"Manulis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christopher J. P.","family":"Newton","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Robin","family":"Savage","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Helen","family":"Treharne","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,12,4]]},"reference":[{"key":"2_CR1","doi-asserted-by":"publisher","unstructured":"Abu-Salma, R., Sasse, M.A., Bonneau, J., Danilova, A., Naiakshina, A., Smith, M.: Obstacles to the adoption of secure communication tools. In: IEEE S&P 2017, pp. 137\u2013153, May 2017. https:\/\/doi.org\/10.1109\/SP.2017.65","DOI":"10.1109\/SP.2017.65"},{"key":"2_CR2","doi-asserted-by":"crossref","unstructured":"Ames, A., Stannard, J., Stellmacher, D.: UK cyber security survey 2019. https:\/\/www.ipsos.com\/ipsos-mori\/en-uk\/uk-cyber-security-survey-2019\/ (2019)","DOI":"10.1016\/S1353-4858(19)30044-3"},{"key":"2_CR3","unstructured":"Apple Inc.: Storing keys in the secure enclave \u2014 apple developer documentation. https:\/\/developer.apple.com\/documentation\/security\/certificate_key_and_trust_services\/keys\/storing_keys_in_the_secure_enclave\/ (2020)"},{"key":"2_CR4","unstructured":"Arm Limited: Trustzone - Arm developer. https:\/\/developer.arm.com\/ip-products\/security-ip\/trustzone\/ (2019)"},{"key":"2_CR5","unstructured":"Balfanz, D., et al.: Web authentication: an API for accessing public key credentials level 1, March 2019, https:\/\/www.w3.org\/TR\/2019\/REC-webauthn-1-20190304\/"},{"key":"2_CR6","doi-asserted-by":"publisher","unstructured":"Bonneau, J., Herley, C., Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: 2012 IEEE S&P, pp. 553\u2013567, May 2012. https:\/\/doi.org\/10.1109\/SP.2012.44","DOI":"10.1109\/SP.2012.44"},{"key":"2_CR7","unstructured":"Brand, C., et al.: Client to authenticator protocol (CTAP), January 2019. https:\/\/fidoalliance.org\/specs\/fido-v2.0-ps-20190130\/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html"},{"key":"2_CR8","doi-asserted-by":"crossref","unstructured":"Carr, M., Shahandashti, S.: Revisiting security vulnerabilities in commercial password managers. In: International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2020, February 2020. https:\/\/sec2020.um.si\/","DOI":"10.1007\/978-3-030-58201-2_18"},{"key":"2_CR9","unstructured":"Chen, S., Barbosa, M., Boldyreva, A., Warinschi, B.: Provable security analysis of fido2. Cryptology ePrint Archive, Report 2020\/756 (2020). https:\/\/eprint.iacr.org\/2020\/756"},{"key":"2_CR10","unstructured":"Cimpanu, C.: Microsoft: 150 million people are using passwordless logins each month. https:\/\/www.zdnet.com\/article\/microsoft-150-million-people-are-using-passwordless-logins-each-month\/ (2020)"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Das, S., Russo, G., Dingman, A.C., Dev, J., Kenny, O., Camp, L.J.: A qualitative study on usability and acceptability of Yubico security key. In: Proceedings of the 7th Workshop on Socio-Technical Aspects in Security and Trust, pp. 28\u201339. STAST 2017, Association for Computing Machinery (2018). https:\/\/doi.org\/10.1145\/3167996.3167997","DOI":"10.1145\/3167996.3167997"},{"key":"2_CR12","unstructured":"FIDO Alliance: FIDO2: Moving the world beyond passwords using WebAuthn & CTAP. https:\/\/fidoalliance.org\/fido2\/ (2019)"},{"key":"2_CR13","unstructured":"FIDO Alliance: Certified products. https:\/\/fidoalliance.org\/certification\/fido-certified-products\/ (2020)"},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"Frymann, N., Gardham, D., Kiefer, F., Lundberg, E., Manulis, M., Nilsson, D.: Asynchronous Remote Key Generation: An analysis of Yubico\u2019s proposal for W3C WebAuthn. In: ACM CCS 2020. ACM (2020), https:\/\/dx.doi.org\/10.1145\/3372297.3417292","DOI":"10.1145\/3372297.3417292"},{"key":"2_CR15","unstructured":"Grassi, P.A., et al.: NIST special publication 800\u201363B: Digital identity guidelines: authentication and lifecycle management, June 2017. https:\/\/pages.nist.gov\/800-63-3\/sp800-63b.html"},{"key":"2_CR16","doi-asserted-by":"crossref","unstructured":"Guirat, I.B., Halpin, H.: Formal verification of the W3C web authentication protocol. In: 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security. HoTSoS 2018, Association for Computing Machinery (2018). https:\/\/doi.org\/10.1145\/3190619.3190640","DOI":"10.1145\/3190619.3190640"},{"key":"2_CR17","doi-asserted-by":"publisher","unstructured":"Hussain, T., Atta, K., Bawany, N., Qamar, T.: Passwords and user behavior. J. Comput. 13, 692\u2013704 (2018). https:\/\/doi.org\/10.17706\/jcp.13.6.692-704","DOI":"10.17706\/jcp.13.6.692-704"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"IBM Security: Cost of a data breach report 2019. https:\/\/databreachcalculator.mybluemix.net\/ (2019)","DOI":"10.1016\/S1361-3723(19)30081-8"},{"key":"2_CR19","unstructured":"IETF: The transport layer security (TLS) protocol. https:\/\/tools.ietf.org\/html\/rfc5246 (2008)"},{"key":"2_CR20","unstructured":"Intel: Intel$$\\textregistered $$ software guard extensions. https:\/\/software.intel.com\/en-us\/sgx\/ (2020)"},{"key":"2_CR21","unstructured":"Jacobs, F.: How Russia works on intercepting messaging apps. https:\/\/www.bellingcat.com\/news\/2016\/04\/30\/russia-telegram-hack\/ (2016)"},{"key":"2_CR22","unstructured":"LastPass: LastPass technical whitepaper. https:\/\/support.logmeininc.com\/lastpass"},{"key":"2_CR23","unstructured":"Microsoft: Passwords-less protection. https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RE2KEup"},{"key":"2_CR24","unstructured":"Microsoft: Enable passwordless sign-in with the microsoft authenticator app. https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-authentication-passwordless-phone (2019)"},{"key":"2_CR25","unstructured":"Milka, G.: Anatomy of account takeover. In: Enigma 2018 (Enigma 2018). USENIX Association, Janunary 2018. https:\/\/www.usenix.org\/node\/208154"},{"key":"2_CR26","doi-asserted-by":"crossref","unstructured":"Mirian, A., DeBlasio, J., Savage, S., Voelker, G.M., Thomas, K.: Hack for hire: exploring the emerging market for account hijacking. In: WWW 2019. p. 1279\u20131289. ACM (2019). https:\/\/doi.org\/10.1145\/3308558.3313489","DOI":"10.1145\/3308558.3313489"},{"key":"2_CR27","unstructured":"National Cyber Security Centre: Password administration for system owners. https:\/\/www.ncsc.gov.uk\/collection\/passwords\/updating-your-approach\/ (2018)"},{"key":"2_CR28","unstructured":"National Cyber Security Centre: Setting up two-factor authentication (2FA). https:\/\/www.ncsc.gov.uk\/guidance\/setting-two-factor-authentication-2fa\/ (2018)"},{"key":"2_CR29","unstructured":"National Cyber Security Centre: Passwords, passwords everywhere. https:\/\/www.ncsc.gov.uk\/blog-post\/passwords-passwords-everywhere\/ (2019)"},{"key":"2_CR30","unstructured":"National Institute of Standards and Technology: FIPS 140\u20132: Security requirements for cryptographic modules, June 2001. https:\/\/csrc.nist.gov\/publications\/detail\/fips\/140\/2\/final"},{"key":"2_CR31","unstructured":"Reese, K., Smith, T., Dutson, J., Armknecht, J., Cameron, J., Seamons, K.: A usability study of five two-factor authentication methods. In: Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). USENIX Association, Santa Clara, CA, August 2019. https:\/\/www.usenix.org\/conference\/soups2019\/presentation\/reese"},{"key":"2_CR32","unstructured":"Symantec: Internet security threat report (ISTR) 2019. https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/reports\/istr-24-2019-en.pdf (2019)"},{"key":"2_CR33","unstructured":"Thales: 2019 Thales access management index. https:\/\/safenet.gemalto.com\/identity-access-management-index\/ (2019)"},{"key":"2_CR34","unstructured":"ThumbSignIn, One World Identity, Gluu: Customer authentication practices 2019. https:\/\/thumbsignin.com\/customer-authentication-report-2019\/ (2019)"},{"key":"2_CR35","unstructured":"Trusted Computing Group: TPM 2.0 library specification. https:\/\/trustedcomputinggroup.org\/resource\/tpm-library-specification\/ (2016)"},{"key":"2_CR36","doi-asserted-by":"crossref","unstructured":"Wesemeyer, S., Newton, C., Treharne, H., Chen, L., Sasse, R., Whitefield, J.: Formal analysis and implementation of a TPM 2.0-based direct anonymous attestation scheme. AsiaCCS 2020 (to appear) (2020). https:\/\/ethz.ch\/content\/dam\/ethz\/special-interest\/infk\/inst-infsec\/information-security-group-dam\/research\/publications\/pub2020\/eccdaaimp-asiaccs20.pdf","DOI":"10.1145\/3320269.3372197"},{"key":"2_CR37","unstructured":"World Economic Forum: Passwordless authentication: The next breakthrough in secure digital transformation. http:\/\/www3.weforum.org\/docs\/WEF_Passwordless_Authentication.pdf (2020)"},{"key":"2_CR38","unstructured":"Yubico: Yubico \u2014 YubiKey strong two factor authentication. https:\/\/www.yubico.com\/ (2020)"}],"container-title":["Lecture Notes in Computer Science","Emerging Technologies for Authorization and Authentication"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-64455-0_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T01:01:43Z","timestamp":1764723703000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-64455-0_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030644543","9783030644550"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-64455-0_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"4 December 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ETAA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Emerging Technologies for Authorization and Authentication","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 September 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 September 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"etaa2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iit.cnr.it\/etaa2020\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"67% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was planned at University of Surrey, Guildford, UK.   Due to COVID-19 outbreak, ESORICS conference and affiliated workshop will be held online.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}