Project

Increased trustworthiness for online authentication

Contemporary authentication solutions for online applications are growing in sophistication and complexity to enhance security, privacy and convenience. For example, they are shifting from traditional username/password combinations to multi-factor and/or password-less authentication, and are leveraging biometric authentication factors on the user's mobile device. However, this growing sophistication also offers cyber-criminals new opportunities to compromise online authentication. Attacks are on the rise, and the trustworthiness of online authentication is being challenged, especially in single sign-on configurations. This thesis will survey and investigate threats and countermeasures, and will research, develop and evaluate methods that strengthen online authentication so that it is secure and trustworthy in adversarial settings. Prototypical solutions will be applicable in a middleware context.

Tentative bibliography of relevant sources:

[1] M. Ghasemisharif, A. Ramesh, S. Checkoway, C. Kanich, and J. Polakis, 'O single sign-off, where art thou? An empirical analysis of single sign-on account hijacking and session management on the web,' in Proceedings of the 27th USENIX Conference on Security Symposium (SEC'18), 2018, USENIX Association, USA, pp. 1475–1492.

[2] G. Lovisotto, S. Eberz, and I. Martinovic, 'Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updating,' 2020 IEEE European Symposium on Security and Privacy (EuroS&P), 2020, pp. 184–197.

[3] M. Golla, G. Ho, M. Lohmus, M. Pulluri, and E. M. Redmiles, 'Driving 2FA Adoption at Scale: Optimizing Two-Factor Authentication Notification Design Patterns,' 30th USENIX Security Symposium (USENIX Security 21), 2021, pp. 109–126.

Date: 1 Oct 2021 → 29 Feb 2024
Keywords: security, authentication
Disciplines: Cryptography, privacy and security, Computer system security
Project type: PhD project