DocumentCode :
2965217
Title :
Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine
Author :
Jammalamadaka, Ravi Chandra ; van der Horst, Timothy W. ; Mehrotra, Sharad ; Seamons, Kent E. ; Venkasubramanian, Nalini
Author_Institution :
California Univ., Irvine, CA
fYear :
2006
fDate :
Dec. 2006
Firstpage :
57
Lastpage :
66
Abstract :
Performing sensitive online transactions using computers found in cybercafes and public libraries is risky. The untrusted nature of these machines creates a target-rich environment. A simple keystroke logger, a common payload of many viruses, records and transmits the secret information (e.g., passwords, credit card numbers, PIN numbers) entered into these machines. In addition, sophisticated malware can hijack a user's authenticated session to perform unauthorized transactions masquerading as the user. This paper presents Delegate, a proxy-based architecture that enables a user to access Web sites without disclosing personal information to untrusted machines. Delegate enforces rules at the proxy to detect and prevent session hijacking. This architecture leverages users' trusted mobile devices, e.g., cell phones, and requires no modification to Web servers or the untrusted machines. Delegate is designed to provide a balance between security and usability.
Keywords :
Internet; authorisation; invasive software; transaction processing; Delegate proxy-based architecture; keystroke logger; malware; online transactions; secret information; secure Web site access; session hijacking; trusted mobile devices; unauthorized transactions; untrusted machines; user authenticated session; Cellular phones; Computer architecture; Computer networks; Computer security; Information security; Internet; Libraries; Permission; Service oriented architecture; Web server;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual
Conference_Location :
Miami Beach, FL
ISSN :
1063-9527
Print_ISBN :
0-7695-2716-7
Type :
conf
DOI :
10.1109/ACSAC.2006.23
Filename :
4041154