Title :
Using trusted platform module to mitigate SSL stripping
Author :
Mat Nor, Fazli ; Abd Jalil, Kamarularifin ; Abd Kadir, Adzhar ; Ab Manan, Jamalul-lail
Author_Institution :
Fac. of Comput. & Math. Sci., Univ. Teknol. MARA, Shah Alam, Malaysia
Abstract :
Electronic commerce refers to trading of services or products over electronic systems such as the Internet and other computer networks. Internet banking, electronic data interchange, and inventory management systems are some examples of popular electronic commerce applications. In such applications, Secure Socket Layer (SSL) would be used to provide authentication between the respective parties. Secure Socket Layer is designed to provide two security goals, i.e. to secure the connection and to ensure the integrity of data between two parties while communicating with each other. However, one of the recent attacks, called SSL stripping has raised security concerns for web applications using SSL. There are a number of existing protocols that can be used to mitigate this problem. Unfortunately, these protocols have some limitations. In this paper, a new authentication protocol is proposed to mitigate this attack. The proposed protocol uses the trusted platform module and is able to overcome the limitations faced by other existing protocols.
Keywords :
Internet; computer network security; electronic commerce; trusted computing; Internet banking; SSL; computer networks; electronic commerce; electronic data interchange; electronic systems; inventory management systems; mitigate SSL stripping; secure socket layer; trusted platform module; MIMO; Nonvolatile memory; Protocols; Security; Servers; Tin; ARP poisoning; Network; SSL stripping; remote attestation; trusted platform module;
Conference_Titel :
Open Systems (ICOS), 2013 IEEE Conference on
Conference_Location :
Kuching
Print_ISBN :
978-1-4799-3152-1
DOI :
10.1109/ICOS.2013.6735081
