Currently the computer systems and software used by the average user offer virtually no security. Because of this many attacks, both simulated and real, have been described by the security community and have appeared in the popular press. This paper presents an approach to increase the level of security provided to users when interacting with otherwise unsafe applications and computing systems. The general approach, called Safe Areas of Computation (SAC), uses trusted devices, such as smart cards, to provide an area of secure processing and storage. This paper describes preliminary results of using the Safe Areas of Computation approach to protect specific browsing applications. The intent is for protected browsers to be used to interact with institutions that have requirements for high security, such as financial institutions that enable users to perform sensitive operations for electronic commerce or online banking.
André L. M. dos Santos, Richard A. Kemmerer