Safe Passage for Passwords and Other Sensitive Data

14 years 6 months ago

Download sparrow.ece.cmu.edu

The prevalence of malware such as keyloggers and screen scrapers has made the prospect of providing sensitive information via web pages disconcerting for security-conscious users. We present Bumpy, a system to exclude the legacy operating system and applications from the trusted computing base for sensitive input, without requiring a hypervisor or VMM. Bumpy allows the user to specify strings of input as sensitive when she enters them, and ensures that these inputs reach the desired endpoint in a protected state. The inputs are processed in an isolated code module on the user’s system, where they can be encrypted or otherwise processed for a remote webserver. We present a prototype implementation of Bumpy.

Jonathan M. McCune, Adrian Perrig, Michael K. Reit

Real-time Traffic

Computer Networks | NDSS 2009 | Sensitive Information | Sensitive Input | Trusted Computing Base |

claim paper

Post Info
More Details (n/a)

Added	21 May 2010
Updated	21 May 2010
Type	Conference
Year	2009
Where	NDSS
Authors	Jonathan M. McCune, Adrian Perrig, Michael K. Reiter

Comments (0)

Sciweavers

Safe Passage for Passwords and Other Sensitive Data

Computer Networks | NDSS 2009 | Sensitive Information | Sensitive Input | Trusted Computing Base |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers