Extending the Trusted Path in Client-Server Interaction
نویسندگان
چکیده
We present a method to secure the complete path between a server and the local human user at a network node. This is useful for scenarios like internet banking, electronic signatures, or online voting. Protection of input authenticity and output integrity and authenticity is accomplished by a combination of traditional and novel technologies, e.g., SSL, ActiveX, and DirectX. Our approach does not require administrative privileges to deploy and is hence suitable for consumer applications. Results are based on the implementation of a proof-of-concept application for the Windows platform.
منابع مشابه
SeRPEnT: Secure Remote Peripheral Encryption Tunnel
Client endpoint systems are a prime target for attackers of every sophistication level. These systems take part in many transactions demanding a degree of trust that cannot be placed in a general-purpose, commodity, computer system. We propose that these sensitive transactions can be made more secure by creating a new kind of trusted path, one that connects a server directly to a client’s hardw...
متن کاملA trusted decentralized access control framework for the client/server architecture
This paper proposes a trusted decentralized access control (TDAC) framework for the client/server architecture. As the fundamental principle, TDAC enforces access control policies at the client side and protects sensitive objects at the server side by leveraging trusted computing technologies. Compared with the previous work of Sandhu and Zhang (2005), TDAC uses fewer requirements for trusted c...
متن کاملInformation Flows in Encrypted Databases
In encrypted databases, sensitive data is protected from an untrusted server by encrypting columns using partially homomorphic encryption schemes, and storing encryption keys in a trusted client. However, encrypting columns and protecting encryption keys does not ensure confidentiality sensitive data can leak during query processing due to information flows through the trusted client. In this p...
متن کاملIdentity Credential Issuance with Trusted Computing
In a client-server environment that deals with multiple clients, there is a need to provide a mechanism on the server to manage the issuance of the client credentials for security authorization. Credentials created using a particular own platform identities and functions as an authentication credentials to authenticate the platform itself in a network communication. However, these credentials c...
متن کاملClient-side cross-site scripting protection
Web applications are becoming the dominant way to provide access to online services. At the same time, web application vulnerabilities are being discovered and disclosed at an alarming rate. Web applications often make use of JavaScript code that is embedded into web pages to support dynamic client-side behavior. This script code is executed in the context of the user’s web browser. To protect ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/cs/0611102 شماره
صفحات -
تاریخ انتشار 2006