Traditional one-time user authentication (e.g., passwords) is
becoming insufficient for modern software applications. Studies have
shownthat traditional user authentication mechanisms are cumbersome,
often forgotten, and disabled by users [1]. Continuous and
behaviour-based user authentication has recently attracted alot of
interest as an alternative to the traditional authentication
mechanisms.Unlike traditional user authentication mechanisms that are
static and explicit, behaviour-based authentication relies on
user behaviour to continuously verify the aunthenticity of the user.
Consider for instance a user who is using his/her mobile device. The
moment the user hands over the device to another user, the device can
be enhanced with capability to automatically limit access to critical
confidential parts of the application such as SMS and address
book/contacts.All this happens without requiring the user to explicitly provide password for the SMS or address book.
This masters research aims at providing programming language support
for behaviour and continuous authentication. The
research will involve investigation of language abstractions necessary
for expressing continuous behaviour-based authentication.The student
will study exisiting behaviour-based authentication models and propose
appropriate reusable language abstractions such as means to express user behaviour at
the language level. A language extension is expected as an output of
this masters research. Further, a case study application will be
developed using the language extension. The choice of the
implementation language/platform will be informed by the
language/platform's reflective capabilities and support for
instrumenting the runtime (meta-programming). For instance,
Javascript's Proxy API can be a justification for choosing Javascript.
This project requires the student to have (or develop) good
programming skills. Interest in programming language design and implementation.
Engineer
Bainomugisha < baino at cis dot mak dot ac dot ug >