Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine

14 years 5 months ago

Download www.itr-rescue.org

Performing sensitive online transactions using computers found in cybercaf´es and public libraries is risky. The untrusted nature of these machines creates a target rich environment. A simple keystroke logger, a common payload of many viruses, records and transmits the secret information (e.g., passwords, credit card numbers, PIN numbers) entered into these machines. In addition, sophisticated malware can hijack a user’s authenticated session to perform unauthorized transactions masquerading as the user. This paper presents Delegate, a proxy-based architecture that enables a user to access web sites without disclosing personal information to untrusted machines. Delegate enforces rules at the proxy to detect and prevent session hijacking. This architecture leverages users’ trusted mobile devices, e.g., cell phones, and requires no modiﬁcation to web servers or the untrusted machines. Delegate is designed to provide a balance between security and usability.

Ravi Chandra Jammalamadaka, Timothy W. van der Hor

Real-time Traffic

ACSAC 2006 | Delegate Enforces Rules | Security Privacy | Untrusted Machines | User’s Authenticated Session |

claim paper

Post Info
More Details (n/a)

Added	10 Jun 2010
Updated	10 Jun 2010
Type	Conference
Year	2006
Where	ACSAC
Authors	Ravi Chandra Jammalamadaka, Timothy W. van der Horst, Sharad Mehrotra, Kent E. Seamons, Nalini Venkatasubramanian

Comments (0)

Sciweavers

Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine

ACSAC 2006 | Delegate Enforces Rules | Security Privacy | Untrusted Machines | User’s Authenticated Session |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers