{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,9]],"date-time":"2025-12-09T08:29:07Z","timestamp":1765268947250,"version":"3.41.0"},"reference-count":52,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2024,4,8]],"date-time":"2024-04-08T00:00:00Z","timestamp":1712534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Waterloo-Huawei Joint Innovation Laboratory"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2024,5,31]]},"abstract":"<jats:p>\n            Adaptive authentication enables smartphones and enterprise apps to decide when and how to authenticate users based on contextual and behavioral factors. In practice, a system may employ multiple policies to adapt its authentication mechanisms and access controls to various scenarios. However, existing approaches suffer from contradictory or insecure adaptations, which may enable attackers to bypass the authentication system. Besides, most existing approaches are inflexible and do not provide desirable access controls. We design and build a multi-stage risk-aware adaptive authentication and access control framework (MRAAC), which provides the following novel contributions:\n            <jats:bold>Multi-stage:<\/jats:bold>\n            MRAAC organizes adaptation policies in multiple stages to handle different risk types and progressively adapts authentication mechanisms based on context, resource sensitivity, and user authenticity.\n            <jats:bold>Appropriate access control:<\/jats:bold>\n            MRAAC provides libraries to enable sensitive apps to manage the availability of their in-app resources based on MRAAC\u2019s risk awareness.\n            <jats:bold>Extensible:<\/jats:bold>\n            While existing proposals are tailored to cater to a single use case, MRAAC supports a variety of use cases with custom risk models. We exemplify these advantages of MRAAC by deploying it for three use cases: an enhanced version of Android Smart Lock, guest-aware continuous authentication, and corporate app for BYOD. We conduct experiments to quantify the CPU, memory, latency, and battery performance of MRAAC. Our evaluation shows that MRAAC enables various stakeholders (device manufacturers, enterprise and secure app developers) to provide complex adaptive authentication workflows on COTS Android with low processing and battery overhead.\n          <\/jats:p>","DOI":"10.1145\/3648372","type":"journal-article","created":{"date-parts":[[2024,2,15]],"date-time":"2024-02-15T11:56:03Z","timestamp":1707998163000},"page":"1-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["MRAAC: A Multi-stage Risk-aware Adaptive Authentication and Access Control Framework for Android"],"prefix":"10.1145","volume":"27","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0722-8150","authenticated-orcid":false,"given":"Jiayi","family":"Chen","sequence":"first","affiliation":[{"name":"University of Waterloo, Waterloo, Canada"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9840-0015","authenticated-orcid":false,"given":"Urs","family":"Hengartner","sequence":"additional","affiliation":[{"name":"University of Waterloo, Waterloo, Canada"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2946-5920","authenticated-orcid":false,"given":"Hassan","family":"Khan","sequence":"additional","affiliation":[{"name":"University of Guelph, Guelph, Canada"}]}],"member":"320","published-online":{"date-parts":[[2024,4,8]]},"reference":[{"key":"e_1_3_2_2_2","doi-asserted-by":"publisher","DOI":"10.1002\/SEC.1750"},{"key":"e_1_3_2_3_2","first-page":"100","volume-title":"Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services","author":"Aras Shravan","year":"2019","unstructured":"Shravan Aras, Chris Gniady, and Hari Venugopalan. 2019. MultiLock: Biometric-based graded authentication for mobile devices. In Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. 100\u2013109."},{"issue":"4","key":"e_1_3_2_4_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3336117","article-title":"A survey on adaptive authentication","volume":"52","author":"Arias-Cabarcos Patricia","year":"2019","unstructured":"Patricia Arias-Cabarcos, Christian Krupitzer, and Christian Becker. 2019. A survey on adaptive authentication. ACM Comput. Surv. 52, 4 (2019), 1\u201330.","journal-title":"ACM Comput. Surv."},{"key":"e_1_3_2_5_2","doi-asserted-by":"crossref","first-page":"46","DOI":"10.1145\/2664243.2664265","volume-title":"Proceedings of the 30th Annual Computer Security Applications Conference","author":"Backes Michael","year":"2014","unstructured":"Michael Backes, Sven Bugiel, Sebastian Gerling, and Philipp von Styp-Rekowsky. 2014. Android security framework: Extensible multi-layered access control on android. In Proceedings of the 30th Annual Computer Security Applications Conference. 46\u201355."},{"key":"e_1_3_2_6_2","first-page":"1","volume-title":"Proceedings of the IEEE 33rd International Performance Computing and Communications Conference (IPCCC\u201914)","author":"Bo Cheng","year":"2014","unstructured":"Cheng Bo, Lan Zhang, Taeho Jung, Junze Han, Xiang-Yang Li, and Yu Wang. 2014. Continuous user identification via touch and movement behavioral biometrics. In Proceedings of the IEEE 33rd International Performance Computing and Communications Conference (IPCCC\u201914). IEEE, 1\u20138."},{"key":"e_1_3_2_7_2","article-title":"FairEmail","author":"Bokhorst Marcel","unstructured":"Marcel Bokhorst. 2021. FairEmail. Retrieved from https:\/\/github.com\/M66B\/FairEmail","journal-title":"R"},{"key":"e_1_3_2_8_2","first-page":"380","volume-title":"Proceedings of the International Conference on Availability, Reliability and Security","author":"Brosso Ines","year":"2010","unstructured":"Ines Brosso, Alessandro La Neve, Gra\u00e7a Bressan, and Wilson Vicente Ruggiero. 2010. A continuous authentication system based on user behavior analysis. In Proceedings of the International Conference on Availability, Reliability and Security. IEEE, 380\u2013385."},{"key":"e_1_3_2_9_2","first-page":"131","volume-title":"Proceedings of the 22nd USENIX Security Symposium (USENIX Security\u201913)","author":"Bugiel Sven","year":"2013","unstructured":"Sven Bugiel, Stephen Heuser, and Ahmad-Reza Sadeghi. 2013. Flexible and fine-grained mandatory access control on Android for diverse security and privacy policies. In Proceedings of the 22nd USENIX Security Symposium (USENIX Security\u201913). 131\u2013146."},{"key":"e_1_3_2_10_2","volume-title":"Proceedings of the 18th Symposium on Usable Privacy and Security (SOUPS\u201922)","author":"Chen Jiayi","year":"2022","unstructured":"Jiayi Chen, Urs Hengartner, and Hassan Khan. 2022. Sharing without scaring: Enabling smartphones to become aware of temporary sharing. In Proceedings of the 18th Symposium on Usable Privacy and Security (SOUPS\u201922). USENIX Association, Boston, MA. Retrieved from https:\/\/www.usenix.org\/conference\/soups2022\/presentation\/chen"},{"key":"e_1_3_2_11_2","volume-title":"Proceedings of the 17th Symposium on Usable Privacy and Security (SOUPS\u201921)","author":"Cho Geumhwan","year":"2021","unstructured":"Geumhwan Cho, Sungsu Kwag, Huh Jun Ho, Bedeuro Kim, Choong-Hoon Lee, and Hyoungshick Kim. 2021. Towards usable and secure location-based smartphone authentication. In Proceedings of the 17th Symposium on Usable Privacy and Security (SOUPS\u201921)."},{"key":"e_1_3_2_12_2","first-page":"1","volume-title":"Proceedings of the New Security Paradigms Workshop","author":"Forget Alain","year":"2015","unstructured":"Alain Forget, Sonia Chiasson, and Robert Biddle. 2015. Choose your own authentication. In Proceedings of the New Security Paradigms Workshop. 1\u201315."},{"issue":"1","key":"e_1_3_2_13_2","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1109\/TIFS.2012.2225048","article-title":"Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication","volume":"8","author":"Frank Mario","year":"2012","unstructured":"Mario Frank, Ralf Biedert, Eugene Ma, Ivan Martinovic, and Dawn Song. 2012. Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans. Inf. Forens. Secur. 8, 1 (2012), 136\u2013148.","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"journal-title":"R","article-title":"Futureae: Customer Stories","key":"e_1_3_2_14_2","unstructured":"Futureae. 2021. Futureae: Customer Stories. Retrieved from https:\/\/www.futurae.com\/customer-stories\/"},{"issue":"3","key":"e_1_3_2_15_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3314023","article-title":"Leveraging user-related internet of things for continuous authentication: A survey","volume":"52","author":"Gonzalez-Manzano Lorena","year":"2019","unstructured":"Lorena Gonzalez-Manzano, Jose M. De Fuentes, and Arturo Ribagorda. 2019. Leveraging user-related internet of things for continuous authentication: A survey. ACM Comput. Surv. 52, 3 (2019), 1\u201338.","journal-title":"ACM Comput. Surv."},{"key":"e_1_3_2_16_2","first-page":"471","volume-title":"Proceedings of the International Conference on Privacy, Security, Risk and Trust and International Conference on Social Computing","author":"Gupta Aditi","year":"2012","unstructured":"Aditi Gupta, Markus Miettinen, Nadarajah Asokan, and Marcin Nagy. 2012. Intuitive security policy configuration in mobile devices using context profiling. In Proceedings of the International Conference on Privacy, Security, Risk and Trust and International Conference on Social Computing. IEEE, 471\u2013480."},{"key":"e_1_3_2_17_2","article-title":"The OAuth 2.0 authorization framework","author":"Hardt Dick","year":"2012","unstructured":"Dick Hardt. 2012. The OAuth 2.0 authorization framework. RFC 6749, Oct. (2012).","journal-title":"RFC 6749, Oct"},{"key":"e_1_3_2_18_2","first-page":"1","volume-title":"Proceedings of the 9th Symposium on Usable Privacy and Security","author":"Hayashi Eiji","year":"2013","unstructured":"Eiji Hayashi, Sauvik Das, Shahriyar Amini, Jason Hong, and Ian Oakley. 2013. CASA: Context-aware scalable authentication. In Proceedings of the 9th Symposium on Usable Privacy and Security. 1\u201310."},{"key":"e_1_3_2_19_2","first-page":"1","volume-title":"Proceedings of the 8th Symposium on Usable Privacy and Security","author":"Hayashi Eiji","year":"2012","unstructured":"Eiji Hayashi, Oriana Riva, Karin Strauss, A. J. Bernheim Brush, and Stuart Schechter. 2012. Goldilocks and the two mobile devices: Going beyond all-or-nothing access to a device\u2019s applications. In Proceedings of the 8th Symposium on Usable Privacy and Security. 1\u201311."},{"issue":"3","key":"e_1_3_2_20_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3351243","article-title":"CORMORANT: Ubiquitous risk-aware multi-modal biometric authentication across mobile devices","volume":"3","author":"Hintze Daniel","year":"2019","unstructured":"Daniel Hintze, Matthias F\u00fcller, Sebastian Scholz, Rainhard D. Findling, Muhammad Muaaz, Philipp Kapfer, Eckhard Koch, and Ren\u00e9 Mayrhofer. 2019. CORMORANT: Ubiquitous risk-aware multi-modal biometric authentication across mobile devices. Proc. ACM Interact., Mob., Wear. Ubiq. Technol. 3, 3 (2019), 1\u201323.","journal-title":"Proc. ACM Interact., Mob., Wear. Ubiq. Technol."},{"key":"e_1_3_2_21_2","article-title":"Android 10","author":"Inc. Google","unstructured":"Google Inc. 2022. Android 10. Retrieved from https:\/\/source.android.com\/security\/enhancements\/enhancements10","journal-title":"R"},{"key":"e_1_3_2_22_2","article-title":"Android Pin & Unpin Screens","author":"Inc. Google","unstructured":"Google Inc. 2021. Android Pin & Unpin Screens. Retrieved from https:\/\/support.google.com\/android\/answer\/9455138?hl=en","journal-title":"R"},{"key":"e_1_3_2_23_2","article-title":"Battery Historian","author":"Inc. Google","unstructured":"Google Inc. 2021. Battery Historian. Retrieved from https:\/\/github.com\/google\/battery-historian","journal-title":"R"},{"key":"e_1_3_2_24_2","article-title":"Measuring Biometric Unlock Security","author":"Inc. Google","unstructured":"Google Inc. 2021. Measuring Biometric Unlock Security. Retrieved from https:\/\/source.android.com\/security\/biometric\/measure","journal-title":"R"},{"key":"e_1_3_2_25_2","article-title":"Smart Lock","author":"Inc Google","unstructured":"Google Inc. 2021. Smart Lock. Retrieved from https:\/\/support.google.com\/pixelphone\/answer\/6093922?hl=en","journal-title":"R"},{"key":"e_1_3_2_26_2","volume-title":"J. Eng. Res. & Sci.","author":"Inshi Saad","year":"2023","unstructured":"Saad Inshi, Mahdi Elarbi, Rasel Chowdhury, Hakima Ould-Slimane, and Chamseddine Talhi. 2023. CAPEF: Context-aware policy enforcement framework for Android applications. J. Eng. Res. & Sci. 2, 1 (2023)."},{"key":"e_1_3_2_27_2","first-page":"111","volume-title":"Proceedings of the IEEE 20th International Conference on Software Quality, Reliability and Security (QRS\u201920)","author":"Karanikiotis Thomas","year":"2020","unstructured":"Thomas Karanikiotis, Michail D. Papamichail, Kyriakos C. Chatzidimitriou, Napoleon-Christos I. Oikonomou, Andreas L. Symeonidis, and Sashi K. Saripalle. 2020. Continuous implicit authentication through touch traces modelling. In Proceedings of the IEEE 20th International Conference on Software Quality, Reliability and Security (QRS\u201920). IEEE, 111\u2013120."},{"key":"e_1_3_2_28_2","doi-asserted-by":"crossref","first-page":"507","DOI":"10.1145\/2639108.2639141","volume-title":"Proceedings of the 20th Annual International Conference on Mobile Computing and Networking","author":"Khan Hassan","year":"2014","unstructured":"Hassan Khan, Aaron Atwater, and Urs Hengartner. 2014. Itus: An implicit authentication framework for Android. In Proceedings of the 20th Annual International Conference on Mobile Computing and Networking. 507\u2013518."},{"key":"e_1_3_2_29_2","first-page":"225","volume-title":"Proceedings of the 11th Symposium on Usable Privacy and Security (SOUPS\u201915)","author":"Khan Hassan","year":"2015","unstructured":"Hassan Khan, Urs Hengartner, and Daniel Vogel. 2015. Usability and security perceptions of implicit authentication: Convenient, secure, sometimes annoying. In Proceedings of the 11th Symposium on Usable Privacy and Security (SOUPS\u201915). 225\u2013239."},{"key":"e_1_3_2_30_2","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1145\/3210240.3210317","volume-title":"Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services","author":"Khan Hassan","year":"2018","unstructured":"Hassan Khan, Urs Hengartner, and Daniel Vogel. 2018. Augmented reality-based mimicry attacks on behaviour-based smartphone authentication. In Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services. 41\u201353."},{"key":"e_1_3_2_31_2","article-title":"Camera Roll Android App","author":"Koller Lukas","unstructured":"Lukas Koller. 2021. Camera Roll Android App. Retrieved from https:\/\/github.com\/kollerlukas\/Camera-Roll-Android-App","journal-title":"R"},{"key":"e_1_3_2_32_2","first-page":"1","volume-title":"Proceedings of the CHI Conference on Human Factors in Computing Systems","author":"Koushki Masoud Mehrabi","year":"2021","unstructured":"Masoud Mehrabi Koushki, Borke Obada-Obieh, Jun Ho Huh, and Konstantin Beznosov. 2021. On smartphone users\u2019 difficulty with understanding implicit authentication. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 1\u201314."},{"key":"e_1_3_2_33_2","first-page":"1","volume-title":"Proceedings of the IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS\u201916)","author":"Kumar Rajesh","year":"2016","unstructured":"Rajesh Kumar, Vir V. Phoha, and Abdul Serwadda. 2016. Continuous authentication of smartphone users by fusing typing, swiping, and phone movement patterns. In Proceedings of the IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS\u201916). IEEE, 1\u20138."},{"key":"e_1_3_2_34_2","first-page":"135","volume-title":"Proceedings of the 14th ACM Symposium on Access Control Models and Technologies","author":"Li Ninghui","year":"2009","unstructured":"Ninghui Li, Qihua Wang, Wahbeh Qardaji, Elisa Bertino, Prathima Rao, Jorge Lobo, and Dan Lin. 2009. Access control policy combining: Theory meets practice. In Proceedings of the 14th ACM Symposium on Access Control Models and Technologies. 135\u2013144."},{"key":"e_1_3_2_35_2","first-page":"705","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"Mare Shrirang","year":"2014","unstructured":"Shrirang Mare, Andr\u00e9s Molina Markham, Cory Cornelius, Ronald Peterson, and David Kotz. 2014. Zebra: Zero-effort bilateral recurring authentication. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, 705\u2013720."},{"key":"e_1_3_2_36_2","first-page":"1","volume-title":"Proceedings of the CHI Conference on Human Factors in Computing Systems","author":"Marques Diogo","year":"2019","unstructured":"Diogo Marques, Tiago Guerreiro, Lu\u00eds Carri\u00e7o, Ivan Beschastnikh, and Konstantin Beznosov. 2019. Vulnerability & blame: Making sense of unauthorized access to smartphones. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 1\u201313."},{"key":"e_1_3_2_37_2","first-page":"1","volume-title":"Proceedings of the 22nd International Conference on Human-computer Interaction with Mobile Devices and Services","author":"Koushki Masoud Mehrabi","year":"2020","unstructured":"Masoud Mehrabi Koushki, Borke Obada-Obieh, Jun Ho Huh, and Konstantin Beznosov. 2020. Is implicit authentication on smartphones really popular? On Android users\u2019 perception of \u201csmart lock for Android.\u201d In Proceedings of the 22nd International Conference on Human-computer Interaction with Mobile Devices and Services. 1\u201317."},{"key":"e_1_3_2_38_2","doi-asserted-by":"crossref","first-page":"293","DOI":"10.1145\/2590296.2590337","volume-title":"Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security","author":"Miettinen Markus","year":"2014","unstructured":"Markus Miettinen, Stephan Heuser, Wiebke Kronz, Ahmad-Reza Sadeghi, and N. Asokan. 2014. ConXsense\u2014Automated context classification for context-aware access control. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. 293\u2013304."},{"key":"e_1_3_2_39_2","first-page":"1","volume-title":"Proceedings of the IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS\u201915)","author":"Neal Tempestt J.","year":"2015","unstructured":"Tempestt J. Neal, Damon L. Woodard, and Aaron D. Striegel. 2015. Mobile device application, Bluetooth, and Wi-Fi usage data as behavioral biometric traits. In Proceedings of the IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS\u201915). IEEE, 1\u20136."},{"key":"e_1_3_2_40_2","first-page":"98","volume-title":"Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops","author":"Primo Abena","year":"2014","unstructured":"Abena Primo, Vir V. Phoha, Rajesh Kumar, and Abdul Serwadda. 2014. Context-aware active authentication using smartphone accelerometer measurements. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops. 98\u2013105."},{"key":"e_1_3_2_41_2","first-page":"365","volume-title":"Proceedings of the 13th International Conference on Advances in Mobile Computing and Multimedia","author":"Ramakrishnan Arun","year":"2015","unstructured":"Arun Ramakrishnan, Jochen Tombal, Davy Preuveneers, and Yolande Berbers. 2015. PRISM: Policy-driven risk-based implicit locking for improving the security of mobile end-user devices. In Proceedings of the 13th International Conference on Advances in Mobile Computing and Multimedia. 365\u2013374."},{"key":"e_1_3_2_42_2","first-page":"270","volume-title":"Proceedings of the IEEE 10th International Conference on Ubiquitous Intelligence and Computing and IEEE 10th International Conference on Autonomic and Trusted Computing","author":"Ramakrishnan Arun Kishore","year":"2013","unstructured":"Arun Kishore Ramakrishnan, Davy Preuveneers, and Yolande Berbers. 2013. A loosely coupled and distributed bayesian framework for multi-context recognition in dynamic ubiquitous environments. In Proceedings of the IEEE 10th International Conference on Ubiquitous Intelligence and Computing and IEEE 10th International Conference on Autonomic and Trusted Computing. IEEE, 270\u2013277."},{"issue":"2","key":"e_1_3_2_43_2","first-page":"91","article-title":"Fine-grained integration of access control policies","volume":"30","author":"Rao Prathima","year":"2011","unstructured":"Prathima Rao, Dan Lin, Elisa Bertino, Ninghui Li, and Jorge Lobo. 2011. Fine-grained integration of access control policies. Comput. Secur. 30, 2-3 (2011), 91\u2013107.","journal-title":"Comput. Secur."},{"key":"e_1_3_2_44_2","first-page":"301","volume-title":"Proceedings of the 21st USENIX Security Symposium (USENIX Security\u201912)","author":"Riva Oriana","year":"2012","unstructured":"Oriana Riva, Chuan Qin, Karin Strauss, and Dimitrios Lymberopoulos. 2012. Progressive authentication: Deciding when to authenticate on mobile phones. In Proceedings of the 21st USENIX Security Symposium (USENIX Security\u201912). 301\u2013316."},{"key":"e_1_3_2_45_2","doi-asserted-by":"crossref","first-page":"299","DOI":"10.1145\/2523649.2523676","volume-title":"Proceedings of the Annual Computer Security Applications Conference (ACSAC\u201913)","author":"Rohrer Felix","year":"2013","unstructured":"Felix Rohrer, Yuting Zhang, Lou Chitkushev, and Tanya Zlateva. 2013. DR BACA: Dynamic role based access control for Android. In Proceedings of the Annual Computer Security Applications Conference (ACSAC\u201913). ACM, 299\u2013308. DOI:10.1145\/2523649.2523676"},{"key":"e_1_3_2_46_2","doi-asserted-by":"crossref","first-page":"130","DOI":"10.1007\/978-3-642-12654-3_8","volume-title":"Proceedings of the International Conference on Pervasive Computing","author":"Seifert Julian","year":"2010","unstructured":"Julian Seifert, Alexander De Luca, Bettina Conradi, and Heinrich Hussmann. 2010. TreasurePhone: Context-sensitive user data protection on mobile phones. In Proceedings of the International Conference on Pervasive Computing. Springer, 130\u2013137."},{"key":"e_1_3_2_47_2","first-page":"1","volume-title":"Proceedings of the 17th International Conference on Privacy, Security and Trust (PST\u201919)","author":"Shrestha Babins","year":"2019","unstructured":"Babins Shrestha, Manar Mohamed, and Nitesh Saxena. 2019. ZEMFA: Zero-effort multi-factor authentication based on multi-modal gait biometrics. In Proceedings of the 17th International Conference on Privacy, Security and Trust (PST\u201919). IEEE, 1\u201310."},{"issue":"5","key":"e_1_3_2_48_2","doi-asserted-by":"crossref","first-page":"877","DOI":"10.1109\/TIFS.2015.2506542","article-title":"HMOG: New behavioral biometric features for continuous authentication of smartphone users","volume":"11","author":"Sitov\u00e1 Zde\u0148ka","year":"2015","unstructured":"Zde\u0148ka Sitov\u00e1, Jaroslav \u0160ed\u011bnka, Qing Yang, Ge Peng, Gang Zhou, Paolo Gasti, and Kiran S. Balagani. 2015. HMOG: New behavioral biometric features for continuous authentication of smartphone users. IEEE Trans. Inf. Forens. Secur. 11, 5 (2015), 877\u2013892.","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"key":"e_1_3_2_49_2","first-page":"644","volume-title":"Proceedings of the IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, 16th International Conference on Pervasive Intelligence and Computing, 4th International Conference on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC\/PiCom\/DataCom\/CyberSciTech\u201918)","author":"Smith-Creasey Max","year":"2018","unstructured":"Max Smith-Creasey, Fatema A. Albalooshi, and Muttukrishnan Rajarajan. 2018. Context awareness for improved continuous face authentication on mobile devices. In Proceedings of the IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, 16th International Conference on Pervasive Intelligence and Computing, 4th International Conference on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC\/PiCom\/DataCom\/CyberSciTech\u201918). IEEE, 644\u2013652."},{"issue":"2","key":"e_1_3_2_50_2","doi-asserted-by":"crossref","first-page":"195","DOI":"10.1007\/s00779-016-0905-0","article-title":"Model for adaptable context-based biometric authentication for mobile devices","volume":"20","author":"W\u00f3jtowicz Adam","year":"2016","unstructured":"Adam W\u00f3jtowicz and Krzysztof Joachimiak. 2016. Model for adaptable context-based biometric authentication for mobile devices. Person. Ubiq. Comput. 20, 2 (2016), 195\u2013207.","journal-title":"Person. Ubiq. Comput."},{"journal-title":"R","article-title":"WSO2: Strong Authentication","key":"e_1_3_2_51_2","unstructured":"WSO2. 2021. WSO2: Strong Authentication. Retrieved from https:\/\/wso2.com\/identity-and-access-management\/strong-authentication\/"},{"key":"e_1_3_2_52_2","first-page":"1","volume-title":"Proceedings of the IEEE 18th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM\u201917)","author":"Zeng Yunze","year":"2017","unstructured":"Yunze Zeng, Amit Pande, Jindan Zhu, and Prasant Mohapatra. 2017. WearIA: Wearable device implicit authentication based on activity information. In Proceedings of the IEEE 18th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM\u201917). IEEE, 1\u20139."},{"key":"e_1_3_2_53_2","doi-asserted-by":"crossref","first-page":"3197","DOI":"10.1109\/TIFS.2020.2985628","article-title":"Deep learning-based gait recognition using smartphones in the wild","volume":"15","author":"Zou Qin","year":"2020","unstructured":"Qin Zou, Yanling Wang, Qian Wang, Yi Zhao, and Qingquan Li. 2020. Deep learning-based gait recognition using smartphones in the wild. IEEE Trans. Inf. Forens. Secur. 15 (2020), 3197\u20133212.","journal-title":"IEEE Trans. Inf. Forens. Secur."}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3648372","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3648372","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:50:19Z","timestamp":1750287019000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3648372"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,8]]},"references-count":52,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,5,31]]}},"alternative-id":["10.1145\/3648372"],"URL":"https:\/\/doi.org\/10.1145\/3648372","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2024,4,8]]},"assertion":[{"value":"2022-06-24","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-02-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-04-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}