With an increased emphasis on software and applications, they are becoming more secure through built-in malware recognition. It has prompted adversaries to increasingly target identity infrastructures, thereby contributing to a pronounced global surge in identity-based attacks. This paper addresses the problem by introducing IdentiToken, an authentication framework that derives tokens from a structured set of user and environmental attributes. Attributes are grouped into different classes, each weighted to reflect its sensitivity to change. IdentiToken supports similarity-based validation, enabling partial matches to be interpreted meaningfully rather than reduced to binary outcomes. We analyse the system’s behaviour under adversarial scenarios and evaluate its sensitivity to attribute changes in a controlled environment. Although the approach is still exploratory in terms of deployment, our results suggest that structured, attribute-derived tokens may provide a useful foundation for developing more flexible and context-aware authentication mechanisms.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Adaptive Identity Token from User Attributes for Authentication Through Controlled Execution Environment

  • Shashank Tripathi,
  • Kai Hendrik Wöhnert,
  • Volker Skwarek

摘要

With an increased emphasis on software and applications, they are becoming more secure through built-in malware recognition. It has prompted adversaries to increasingly target identity infrastructures, thereby contributing to a pronounced global surge in identity-based attacks. This paper addresses the problem by introducing IdentiToken, an authentication framework that derives tokens from a structured set of user and environmental attributes. Attributes are grouped into different classes, each weighted to reflect its sensitivity to change. IdentiToken supports similarity-based validation, enabling partial matches to be interpreted meaningfully rather than reduced to binary outcomes. We analyse the system’s behaviour under adversarial scenarios and evaluate its sensitivity to attribute changes in a controlled environment. Although the approach is still exploratory in terms of deployment, our results suggest that structured, attribute-derived tokens may provide a useful foundation for developing more flexible and context-aware authentication mechanisms.