Autentizace v přímém bankovnictví

The aim of this text is to show how authentication is implemented in on-line banking industry. Czech banks are analyse as well as their on-line banking services. It is examined authentication of user's identity of this services

Počet měření pro vytvoření vzoru identifikačního pole dynamiky psaní krátkého textu na klávesnici

Keystoke dynamics is biometrics authentification. This biometrice usually does not involve some special hardware and it is advantage os this way how to prove you are really you. In this article it is suggested the criterium which determines how many measurement is necessary for creating template of keystroke dynamics. This criterium is simultaneously used in experiments

Keystroke dynamics authentication using a small number of samples

The verification of a person’s identity is very important in today’s information society, especially in e-commerce systems and directly affects user account management and administration. Although present e-commerce systems use many modern sophisticated methods of authentication, large numbers of e-commerce systems use passwords for this purpose incessantly. However, passwords are not considered be too secure because users usually do not adhere to security policies for creating and managing theirs passwords. This problem can be solved by security policies that require the user to change the password frequently, select a completely new password, and structure the password, which places additional demands on the user. The solution is a two-factor authentication where a user needs to know the right password and at the same time, he must write this password in the correct way. Indeed, many different methods for keystroke dynamics authentication exist nowadays, but unfortunately, many of them need a large number of samples to create a stable template and therefore it is impossible use them in systems whose security policy requires frequent password change. The authors suggest a completely new method for these purposes that is enough stable even with a small number of measurements to create a template. This proposed method of keystroke dynamics authentication is validated and results are compared with existing methods both over the own dataset and the existing reference datasets. The authors believe that the proposed method will simplify the management and administration of user accounts as well as their security

Autentizace prostřednictvím hesla z pohledu koncového uživatele

The goal of this paper is to evaluate the password authentication from the end user’s point of view with respect to the ability of these users. Firstly, requirements to usable passwords are defined in accordance with usability engineering terminology, concretely learnability, efficiency, memorability, satisfaction and errors of a password. Then, through an experimental study the factors that affect various aspects of passwords usability are investigated. The goal of this experimental study was to investigate the trade-off between security and memorability in the real world context and to investigate whether the education of end users regarding the creation of secure passwords affects the security of their passwords. The participants were divided to six sub-groups according to whether they were or were not trained about passwords security and according to instructions how they were expected to choose their passwords. Data obtained through this controlled experiment are analysed and based on this analysis there are formulated conclusions in this paper.Cílem tohoto příspěvku je ohodnotit autentizaci prostřednictvím hesel z pohledu koncových uživatelů s respektováním jejich schopností. Nejprve jsou požadavky na použitelná hesla definovány v souladu s terminologií inženýrství použitelnosti. Těmito požadavky jsou konkrétně naučitelnost, účinnost, zapamatovatelnost, spokojenost a chybovost hesel. Potom, prostřednictvím experimentální studie jsou zkoumány faktory, které mají vliv na tyto různé aspekty požitelnosti hesla. Cílem této experimentální studie bylo zjistit kompromis mezi bezpečností a zapamatovatelností hesel v kontextu reálného světa a zjistit, zda vzdělávání koncových uživatelů týkajících se vytváření bezpečných hesel ovlivňuje bezpečnost volených hesel. Účastníci byli rozděleni do šesti podskupin podle toho, zda byli či nebyli školeni o bezpečnosti hesel a podle pokynů, jak si volit si své heslo. Údaje získané pomocí tohoto kontrolované experimentu jsou analyzovány a na základě této analýzy jsou formulovány závěry

Information security - authentication

Práce se zabývá vícefaktorovou autentizací založenou na kombinaci znalostní autentizace prostřednictvím hesel a biometrické autentizace prostřednictvím dynamiky psaní na klávesnici. Navržený model vícefaktorové autentizace je jak kvalitativně, tak i kvantitativně ohodnocen. Kromě toho je v práci kvantitativně ohodnocena bezpečnost znalostní autentizace prostřednictvím hesel vůči slovníkovému útoku a útoku hrubou silou.Ústav systémového inženýrství a informatikyDokončená práce s úspěšnou obhajobo

Economic evaluation of usability of public administration information systems

In this paper an impact of usability engineering to software development life-cycle is diskussed and a basic framework for economic evaluation of usability application to public administration information systems is developed. The suggested model considers particularities of this type of information system that are more discussed as well. As the most important variables the cost of usability and revenue of usability is identified and the impact of these variables to suggested model is analyzed and the concrete cases are figured

Dynamika psaní na klávesnici v kombinaci s klasickými hesly

Authentification as a data security instrument in our informational society is very important for keeping yuor data as safe as possible. There are 3 types of authentification: authentification by knowledge, by subjekt and biometric authentification. Each one has both advantages and disadvantages. They can be combined to increase the security of your information as well. There are some ideas that suggests reasonable combination of password ans keystroke dynamic

Methods of usability testing and evaluation of public administration information systems user interfaces

Práce se zabývá metodami testování a hodnocení použitelnosti uživatelského rozhraní informačních systémů veřejné správy. Je zde provedena analýza stávajících metod testování a hodnocení použitelnosti uživatelského rozhraní, navržena metodika hodnocení použitelnosti prostřednictvím heuristického hodnocení, která je ověřena na případové studii. Navržená metodika je rozšířena o možnost použití přirozeného jazyka při hodnocení použitelnosti. Součástí práce je i ekonomické hodnocení aktivit usability engineeringu v souvislosti s informačními systémy veřejné správy a analýza vzájemného vztahu použitelnosti a bezpečnosti, konkrétně znalostní autentizace prostřednictvím hesel.This work deals with methods of usability testing and evaluating of user interfaces of public administration information systems. The analysis of present user interface usability testing and evaluation methods is carried out and a methodology of heuristic evaluation of usability is proposed. This methodology is validated by a case study. The proposed methodology is extended by possibility of utilization of natural language for usability evaluation. Economic evolution of usability engineering activities linked to public administration information systems is another part of the work. Next, a connection of usability and security, namely knowledge authentication by passwords, is covered by the work.Dokončená práce s úspěšnou obhajobo

Utilization internet technologies by transport firm

Analýza současného stavu českého internetu a jeho uživatelů, analýza využití internetu dopravními firmami. Rozbor využívání internetu firmou Dopravní podnik města Pardubic a.s..Dokončená práce s úspěšnou obhajobo

Comparision of usability evaluation of public administration webpages by user testing and by analytical models

The usability of user interfaces especially of webpages is currently a very hot topic. The existing scientific literature contains various methods for testing and evaluation of the usability of various user interfaces. The benefit of various usability evaluation methods is described in this article, especially evaluation of usability by models and user testing. The most commonly used methods for these purposes are usability testing and heuristic evaluation. However, there are also suggestions of usability evaluation through analytical models that allow us to evaluate usability without having to involve end-users or experts in this evaluation process. These methods and their applicability are described in the article as well. For the purposes of the research as representative websites of public administration were chosen websites of selected municipalities. Next, the paper deals with evaluation of the web pages of selected statutory cities usability where the usability is evaluated by both suggested and validated analytical model and usability testing. The main goal is to compare the results of usability evaluation by analytical models and usability testing that use real end users and to check the analytical model’s ability to act like in a real situation