DocumentCode :
3279651
Title :
SecureGo: A Hardware-Software Co-Protection against Identity Theft in Online Transaction
Author :
Lin, Kun ; Yuan, Lin ; Qu, Gang
Author_Institution :
Univ. of Maryland, College Park
fYear :
2007
fDate :
9-10 Aug. 2007
Firstpage :
59
Lastpage :
64
Abstract :
Identity theft and credit card fraudulence are among the major security problems for online shopping and other transactions. Current industry standard of multi-point personal information storage does not protect user´s identity effectively. Many online merchant servers use password authentication method, whose security flaws have been well-documented. Although there are many challenges in achieving secure online transaction, we propose a system that can greatly reduce the risk of identity theft over the Internet by enabling users to hide their identities from the online merchants and, to some extend, the Internet. Our system architecture reduces the above multi-point information storage system to a single-point offline solution. That is, user´s personal information will be stored on a secure offline database and a dedicated USB device. Such information will not be sent to the merchants to complete the online transactions. The SecureGo device can be connected to any host computer for online transactions, but decryption and encryption will be performed locally on the SecureGo USB device to prevent attacks such as the malicious host. This is a true hardware-software co-protection approach to ensure secure online transactions and user´s privacy. The dedicated hardware, the USB device, implements the secure (software) operations and has a unique ID to mask the user´s identity.
Keywords :
security of data; software architecture; transaction processing; SecureGo; hardware-software coprotection; multi-point personal information storage; online transaction; password authentication method; system architecture; Authentication; Credit cards; Cryptography; Information security; Internet; Privacy; Protection; Transaction databases; Universal Serial Bus; Web server;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Bio-inspired, Learning, and Intelligent Systems for Security, 2007. BLISS 2007. ECSIS Symposium on
Conference_Location :
Edinburgh
Print_ISBN :
0-7695-2919-4
Type :
conf
DOI :
10.1109/BLISS.2007.30
Filename :
4290940
Link To Document :
بازگشت