Aug, 2020 - By WMR
Security concerns in electronic devices have become one of the most burning issues. For this, device providers have come up with pin codes, biometric scanners, and passwords for smartphones, computers, and tablets, in order to prevent unauthorized access to these devices. However, over the years, novel devices such as AR and VR headsets have evolved into standalone devices. As a result of this, typing or scanning is not as useful as it would be for other devices. For such a conundrum, the electronic industry has come up with a better alternative “Zero-Trust Authentication” or commonly called ZeTA.
Zero Trust Authentication or also referred to as Zero Trust Network is a security concept that privately shares secrete information to users, in order to grant access. For instance, this secrete could be ‘blue not green’ to accept yes for the challenge ‘sky?’ and no to ‘grass?’ and so on. These challenges can go as part of security. Researchers have found that ZeTa has shown to avert data breaches, which is a major problem with contemporary devices. The primary philosophy behind zero-trust authentication is that there are hackers both outside and within the network, so no machine or users should be automatically trusted. The security of VR and AR headsets has not been the most prevalent issue yet as they rely on smartphones, PCs, tablets, or game consoles and all of them have their own security systems. However, next-generation are more likely to come as standalone devices with the requirement of input accessories. Although headsets could easily ask users for pin code or gesture, it is not as practical as it seems since people walk around the public with mixed reality glasses. Therefore, ZeTA depends on the human response for authentication to understand the semantic relationships and still reduces input demands to simple binary responses. It would ultimately lead to multiple yes or no questions to give headset confidence that the user knows the secret.
Furthermore, Zero trust authentication utilizes micro-segmentation, which is an approach of splitting up security perimeters into small zones, in order to provide individual access to each part of the network. Zero trust authentication also has multi-factor authentication (MFA) as its central value of zero-trust security. This typically means it would require more than one evidence to validate a user. Besides, zero trusts also require stringent control over device access. It needs to monitor how many different devices are trying to access their network and make sure that every device is authorized.
Currently, researchers across the U.S. and Germany are expected to present their work on in virtual conference ‘Who Are You? Adventures in Authentication (WAY) 2020’ in August 2020. The research is supported by the University of Denver, Indiana University, German Federal Ministry of Education, and the Karlsruhe Institute of Technology. The next step in this technology is to ascertain user comfort, efficiency, and effectiveness with the three major input options taps on the surface, voice, and right/left or up/down head movements. After taking all these factors into account, researchers will determine how the questions will be laid out and make more complex responses more practical.