SAT Reading - Khan Diagnostic Quiz level 4 - reading 15

Questions 1-11 are based on the following
passage.


This passage is excerpted from Larry Greenemeir, “Forget Passwords,” ©2012 by Scientific American.




It seems like something out of a Robert Ludlum spy novel.

Someone tries to coerce you into revealing your computer

security passwords. You might be tempted to give in, but it is
impossible for you to reveal your authentication credentials.
5 ou do not actually know them because they are safely

buried deep within your subconscious.
Sounds a bit extreme just to make sure no one can log on

to your laptop or smartphone, but a team of researchers from

Stanford and Northwestern universities as well as SRI
10 International is nonetheless experimenting at the computer-,

cognitive- and neuroscience intersection to combat identity

theft and shore up cyber security-by taking advantage of the

human brain’s innate abilities to learn and recognize patterns.
The researchers are studying ways to covertly create and
15 store secret data within the brain's corticostriatal memory

system, which is responsible for reminding us how to do

things. When a person needs to access a computer, network

or some other secure system, they would use special

authentication software designed to tease out that secret data.
20 To test this concept, the researchers devised a computer

game requiring players to tap buttons on a keyboard as large

black dots descending down their screen cross a horizontal

line-very similar in concept to the video game Guitar Hero.

During an initial training session lasting from 30 minutes to
25 an hour, the dots fall at different speeds and in various

locations, forming patterns that repeat until participants

become adept at hitting the appropriate buttons at the right

time. In effect, users' corticostriatal memory becomes adept

at repeating a particular pattern over time, such as dialing a
30 phone number or typing a word on a keyboard without

looking at one's fingers.
The researchers refer to this as "serial interception

sequence learning" training, during which a person

unwittingly learns a specific sequence of keystrokes that can
35 later be used to confirm that person's identity. To log on to,

for example, a Web site, the user would play the game the

same each time that pattern of dots appears, proving his

identity and allowing him access.
"While the planted secret can be used for authentication,
40 the participant cannot be coerced into revealing it since he or

she has no conscious knowledge of it," according to the

researchers in a study they presented August 8 at the

USENIX Security Symposium in Bellevue, Wash. As

currently conceived, the implicit learning approach being
45 tudied might protect against someone either forcing or

tricking you to reveal a password, says lead author Hristo

Bojinov, a Stanford University Ph.D. computer science

candidate. Such coercion could take the form of physical or

verbal threats demanding your password or other security
50 credentials, or it could be a seemingly legitimate phone call

or e-mail designed to coax out this information.
The researchers say they have tested their approach on

370 players so far and continue to add new participants to

their study. The test currently requires at least 30 minutes of
55 training to get reliable results. "It is unlikely that training

time can be shrunk much because this type of brain memory

takes time to get trained," Bojinov says. "It may be possible

to reduce the authentication time [that follows training], but

it is yet to be seen how much." . . .
60 Whether this approach is practical depends upon the

system being defended. It is unlikely, for example, that

Yahoo or Google would implement this approach to security

for their free e-mail services. Would someone want to play a

game for several minutes every time they want to log onto
65 their e-mail? A government facility housing nuclear

weapons, however, could better justify the time commitment

required to log in using the sequence learning method,

particularly if users log in once each day and such an

approach promises to improve security, says Nicolas
70 Christin, associate director of Carnegie Mellon University's

Information Networking Institute.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
Question 1 Over the course of the passage, the main focus shifts from