User authentication is one of the basic components of any cyber security program. Identifying an individual based on a username, password or other means helps companies ensure that the person is who he or she claims to be when accessing a system, application or network.
But in some cases traditional authentication processes are not enough to provide strong security throughout a user's work session. That’s where continuous authentication comes in. The concept is still relatively new, and experts say few products yet exist in the market. But it’s gaining more attention as companies look for ways to prevent unauthorized access to their critical business data.
“Continuous authentication is a form of dynamic, risk-based authentication, [which] changes the perspective of authentication from an event to a process,” says Frank Dickson, a research director within IDC's Security Products research practice.
“Dynamic, risk-based authentication examines attributes that change and continually looks to validate the authentication,” Dickson says. Currently, most of the use cases for this type of authentication are based on analyzing the manner in which a person interacts with a device such as a smartphone or notebook, he says.
A shift to continuous authentication is inevitable, but it’s really in the early days of development, says Mark Diodati, research vice president at Gartner.
“The technology is compelling because it solves a lot of security and usability issues,” Diodati says. “Typical authentication today might be a password at the front door to authenticate someone, but over time the security of the session decays.”
Whereas confidence in the authentication is quite high at the beginning of the process, a variety of events can take place that weaken security, Diodati says. For example, a user might walk away from his desktop computer briefly and someone else might take over the session, or malware infecting the system could take it over as well.
“The longer the duration of the session the more likely there is to be decay in authentication,” Diodati says.
Continuous authentication takes place not just at the start of a session but the entire time a user is accessing a network or using an application. The technology “works behind the scenes, looking at how users behave: the way they type on the keyboard, how quickly they move between the keys, how long they hold a key, how they swipe on mobile devices, how they move a mouse,” Diodati says. “All of this contains information about the user.”
The analysis of the information provides an extremely high likelihood that a particular user is the person he claims to be. That’s because everyone acts in unique ways when working at a keyboard or other access device. In fact, one of the key components of continuous authentication is user behavior analytics, which helps determine the true identity of a given individual.
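The keystroke signals Diodati lists (how long a key is held, how quickly the user moves between keys) and his point about session confidence decaying can be combined in a small scorer. This is an added example, not code from the article or from any product it mentions; the z-score comparison, the 10-minute half-life, the 0.4 threshold and all timing values are assumptions chosen for illustration.

```python
from statistics import mean, stdev

def make_events(dwells, flights):
    """Constructed-data helper: build (press_ms, release_ms) pairs from hold and gap times."""
    t, out = 0, []
    for i, d in enumerate(dwells):
        out.append((t, t + d))
        t += d + (flights[i] if i < len(flights) else 0)
    return out

def timing_vector(events):
    dwell = [rel - prs for prs, rel in events]                 # how long each key is held
    flight = [events[i + 1][0] - events[i][1]                  # release-to-next-press gap
              for i in range(len(events) - 1)]
    return dwell + flight

def enroll(samples):
    """Per-feature (mean, stdev) over several samples of the same typed text."""
    cols = zip(*(timing_vector(s) for s in samples))
    return [(mean(c), max(stdev(c), 5.0)) for c in cols]       # 5 ms floor on spread

def deviation(profile, events):
    """Mean absolute z-score of a fresh sample against the enrolled profile."""
    return mean(abs(x - mu) / sd for x, (mu, sd) in zip(timing_vector(events), profile))

class SessionTrust:
    """Confidence is 1.0 at login, halves every half_life_s, and is reset by each check."""
    def __init__(self, half_life_s=600.0, floor=0.4):
        self.half_life_s, self.floor = half_life_s, floor
        self.score, self.last = 1.0, 0.0

    def current(self, now_s):
        return self.score * 0.5 ** ((now_s - self.last) / self.half_life_s)

    def observe(self, now_s, dev, max_dev=3.0):
        self.score = max(0.0, 1.0 - dev / max_dev)             # behavioural match in [0, 1]
        self.last = now_s
        return "continue" if self.score >= self.floor else "reauthenticate"

# Constructed timings (ms) for one four-key sequence; not real user data.
PROFILE = enroll([make_events([90, 85, 100, 95], [120, 110, 130]),
                  make_events([95, 80, 105, 90], [125, 105, 135]),
                  make_events([85, 90, 95, 100], [115, 115, 125])])
OWNER = make_events([92, 83, 98, 97], [122, 108, 133])
OTHER = make_events([140, 60, 150, 50], [60, 200, 70])

if __name__ == "__main__":
    trust = SessionTrust()
    print("idle 10 min:", trust.current(600))
    print("owner:", trust.observe(600, deviation(PROFILE, OWNER)))
    print("other:", trust.observe(660, deviation(PROFILE, OTHER)))
```

With no behavioural check the score falls below the threshold after two half-lives, which is the decay the article describes; a matching sample restores it and a mismatching one forces re-authentication.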