Authentication Using Shared Knowledge: Learning Agents

  • Vadim Kimlaychuk
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 194)


The way to identify user in existing computer systems has for a long time been simple. It is enough to provide correct password (or identity token) and the majority of the systems will “recognize” you as legal user of given username if any. There is no difference for such a system if there is one person behind this username or many. Authentication of the user for many years has been reduced to the problem of the username validation and is not answering question “Is the user really who he/she represents himself to be?” This problem was identified from the very beginning and there were many attempts to solve it, but without success. General idea to overcome this mismatch is to know more about personality of the user. The key concept here is shared information knowledge (between user and the system) that must be unique. This knowledge can be gathered by intelligent software agents. Article describes JADE [1] agents for shared knowledge multi-agent system that can dynamically learn new concepts and perform learned actions.


shared knowledge authentication learning software agents JADE 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Fabio, B., Giovanni, C., Greenwood, D.: Developing multi-agent systems with JADE. John Wiley & Sons (2007)Google Scholar
  2. 2.
    Mitnick, K., Simon, W., Wozniak, S.: The art of deception. John Wiley & Sons (2002)Google Scholar
  3. 3.
    Long, J., Wiles, J.: No Tech Hacking: A Guide to Social Engineering Dumpster Diving and Shoulder Surfing, pp. 101–121. Syngress (2008)Google Scholar
  4. 4.
    Yan, J., Ahmad, A.: A Low-cost Attack on a Microsoft CAPTCHA. School of Computing Science, Newcastle University, UK (2008)Google Scholar
  5. 5.
    Magno, M.B.: Survey of user authentication mechanisms. Naval Postgraduate School, Monterey (1996)Google Scholar
  6. 6.
    Sasse, A.: Usability and trust in information systems. CiteSeerX (2008)Google Scholar
  7. 7.
    Schneier, B.: Applied cryptography, pp. 52–68. John Wiley & Sons (1996)Google Scholar
  8. 8.
    Nosseir, A., Connor, R., Dunlop, M.: Internet Authentication Based on Personal History - A Feasibility Test. CiteSeerX (2005)Google Scholar
  9. 9.
    Nosseir, A., Connor, R., Revie, C., Terzis, S.: Question-based authentication using context data. In: Nordic Conference on Human-Computer Interaction, vol. 189, pp. 429–432 (2006)Google Scholar
  10. 10.
    Zviran, M., Haga, W.G.: User authentication by cognitive passwords: an empirical assessment. In: Proceedings of the Fifth Jerusalem Conference on Information Technology, pp. 137–144 (1990)Google Scholar
  11. 11.
    Toomim, M., Zhang, X., Fogarty, J., Landay, J.A.: Access Control by Testing for Shared Knowledge. In: Conference on Human Factors in Computing Systems (2008)Google Scholar
  12. 12.
    Forman, I., Forman, N.: Java reflection in action. Manning Publications (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Dept. of Computer ControlTallinn University of TechnologyTallinnEstonia

Personalised recommendations