DiskMan targets invisible, hassle-free, yet highly accurate continuous user authentication. It protects consumer content and other online assets with context-aware, risk-adaptive multifactor authentication established through collaboration between users’ mobile and wearable devices. It builds upon multiple authentication factors (what I have, who I am) & context (location, time of day, social connections) using cheap, readily- available sensors & data. DiskMan middleware intuitively authenticates and safeguards consumers via their mobile and wearable devices while adapting online security decisions to the context created by these multiple devices.
Finding safety in numbers
While mobile and wearable devices enrich our personal and professional lives, with multiple applications giving access to our most precious resources, they also come with the considerable risks associated with loss, theft and poor access control frameworks: a safety issue that the DiskMan consortium aims to resolve.
Balancing security and usability while protecting privacy in a multi-device context
In collaboration with three large-scale technology providers facing authentication and access control challenges, the DiskMan project consortium and its imec research groups DistriNet and COSIC aim to develop a solution that:
- works with online services and in a device-to-device context without a central service provider;
- balances appropriate security and maximum usability;
- offers a frictionless authentication experience;
- safeguards privacy in a multi-device authentication scenario.
Collaborative authentication 101
Rather than relying on passwords, PINs or expensive physical key fobs and cards, collaborative authentication involves multiple devices jointly authenticating to a remote server or within a device-to-device setting. Ideally, authentication could be established by the combined presence of several of the user’s wearables plus their mobile phone. The DiskMan project aims to expand the knowledge base in this tech area, as there is no existing solution that offers DiskMan’s combination of security, resilience, user-friendliness, multi-modality and adaptability.
Real solutions for present and future tech
Sony Techsoft will rely on the DiskMan prototype to build a powerful software development kit for mobile devices and wearables that offers secure, frictionless, continuously-monitored access to the cloud. DiskMan middleware will enable Televic Conference to vastly extend the range of its conferencing technology beyond the conference room via tiered access control and comprehensive security appropriate to the user. Meanwhile, IS4U will use the knowledge gained by the DiskMan project to integrate adaptable, risk-based mobile authentication into its identity management platform. These diverse applications demonstrate how useful DiskMan can be in many different tech domains.
"With our increased reliance on mobile and wearable technology, the DiskMan multi-device security middleware will solve a diverse range of cross-domain security and user experience challenges faced by the tech industry’s most important players."
Dynamic Risk-based Access Management.
DiskMan is an imec.icon research project funded by imec and Agentschap Innoveren & Ondernemen.
It ran from 01.10.2016 until 30.09.2018.Download as pdf
- Televic Conference
- Sony Belgium
- imec - COSIC - KU Leuven
- imec - DistriNet - KU Leuven
- Project Lead: Hugo Embrechts
- Research Lead: Wouter Joosen
- Innovation Manager: Stefan Van Baelen