The US military, through its research agency, is working on new tools to verify the identity of those located on internal networks. One of them is to create a "cognitive signature" of each user, based on his behavior when he makes computing.
In terms of authentication, several methods exist to identify a user. When accessing a resource, the computer system can for example ask the user something he knows (a password), it has (an application generates an authentication token), or that it is (via biometrics). Of course, these elements can be combined to limit the risk of intrusion if a third party manage to retrieve some information (such as passwords).
These processes are the most common, but there are others that can verify the geographic position of the one who wants to connect to a protected resource or behavior. The latter is also a search box where IBM is committed: the US group is indeed working on a method for identifying a user based on their online activities. The purpose? Make sure it is active on one of your accounts is you and not someone else.
COGNITIVE SIGNATURE
The approach of verifying the identity of a user by analyzing his behavior also concerned the US military. Indeed, as the peak The Register, the agency for research projects Advanced Defense (DARPA) works on the principle of active authentication observing the attitude of the user when handling computer skills (mouse movements, keyboard typing speed, etc). The idea behind this mechanism is to create a kind of "cognitive signature"
"This program focuses on behavioral traits that can be seen through the way we interact with the world. As you leave a fingerprint when you touch something with your finger when interacting with technology, you do in a pattern based on how your mind processes information, leaving a cognitive footprint ", says the US agency.
SECURE INTERNAL NETWORK
Such a device could, if it is viable and deployed properly, enhancing security on computer systems that store confidential information or particularly sensitive.
In addition to conventional means of identification, this active authentication would continuously monitor is manipulating secret files. It could also obstruct potential attackers (acting locally or remotely) who seek to retrieve information on secure networks, since their behavioral signature would then not be recognized by the system.
ConversionConversion EmoticonEmoticon