Who are you?! Adventures in Authentication

Call for Papers

Workshop to be held at the Twelfth Symposium on Usable Privacy and Security—SOUPS 2016
June 22, 2016, Denver, CO

Authentication, or the act of proving that someone is who they claim to be, is a cornerstone of security. As more time is spent using computers, authentication is becoming both more common and increasingly important. Users must authenticate to prove their identity to maintain a continuous presence with a wide variety of computing services.

Our most common method of authentication continues to be based on the assumption of a person using a desktop computer and keyboard, or a person authenticating to their mobile phone. More recently, mobile devices have opened up new possibilities based on a variety of gestures and biometrics.

There has been an implicit assumption that the effort of authenticating, both in terms of elapsed time, user actions, cognitive load and impact on a user's primary task, will be amortized over a relatively long lifetime of the authenticated session with the system, application or service. As computing moves into new environments, including mobile and embedded systems, these assumptions may no longer be valid.

In the era of mobile, embedded and ubiquitous computing, the time for each interaction with a device, application or service is becoming much briefer. The user’s primary task may be tending to a patient, driving a car, operating heavy machinery, or interacting with friends and colleagues via mobile apps.  Due to the nature of user interaction in these new computing environments, and new threat models, methods of authenticating are needed that are both robust, easy to use, and minimize impact on the user's primary task. The time/cost of authentication needs to be commensurate with the level of engagement with these kinds of systems and applications.

The purpose of this workshop is to bring together researchers and practitioners to share experiences, concerns, and ideas about known and new authentication techniques. We are interested in discussing methods of evaluating the impact and usability of various authentication techniques, and ideas about novel authentication techniques that are secure, robust and usable.

Target Audience

Researchers and practitioners interested in the topics outlined below. We expect that researchers from both industry and academia will find relevant material in the workshop.

Topics of interest for this workshop include:

  • Surveys and comparisons of known authentication techniques

  • Novel metrics or comparisons of metrics for authentication strength
  • Empirical evaluations of authentication techniques, including performance, accuracy, and the impact of authentication on a user’s primary task
  • New authentication techniques that target emerging computing environments such as mobile and embedded systems
  • Approaches (including protocols) that enable weak authentication schemes to be more robust
  • Existing authentication techniques applied in new environments or usage context
  • Novel approaches to the design and evaluation of authentication systems



The goal of this workshop is to explore these and related topics across the broad range of contexts, including enterprise systems, personal systems, and especially mobile and embedded systems (such as healthcare, automotive and wearable systems). This workshop provides an informal and interdisciplinary setting at the intersection of security, psychological, and behavioral science.  Panel discussions may be organized around topics of interest where the workshop participants will be given an opportunity to give presentations, which may include current or prior work in this area, as well as pose new challenges in authentication.



We are soliciting 1–2 page position statements that express the nature of your interest in the workshop; these should include the aspects of authentication of interest to you, including the topic(s) that you would like to discuss during the workshop and panel discussions.  Position statements must be in PDF format, preferably using the SOUPS formatting template (LaTeX or MS Word).  Submissions should not be blinded.



Accepted submissions will be posted to the SOUPS workshop web site. We encourage participants to also make their workshop presentations available on the web site. These submissions will not be considered “published” works, and as such, should not preclude publication elsewhere.



Submissions will be via the EasyChair WAY 2016 web site: https://easychair.org/conferences/?conf=way2016

Important Dates

  • Workshop paper submission deadline: Thursday, May 19, 2016 Deadline extended!
  • Notification of workshop paper acceptance: Friday, May 27, 2016
  • Camera ready workshop papers due: Sunday, June 5, 2016
  • Workshop date: Wednesday, June 22, 2016

Questions about submissions should be directed to: AdventuresInAuthentication@gmail.com.

Workshop Co-Chairs:

Larry Koved, IBM T. J. Watson Research Center
Elizabeth Stobert, ETH Zürich

Program Committee:

Hala Assal, Carleton University
David Barrera, ETH Zürich
Heather Crawford Florida Institute of Technology
Markus Duermuth, Ruhr-University Bochum
Alain Forget, Google
Claudio Marforio, ETH Zürich
Blase Ur, Carnegie Mellon University