Man-in-the-middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications, such as Internet banking. SSL/TLS session-aware user authentication can be used to mitigate the risks and to protect users against MITM attacks in an SSL/TLS setting. In this paper, we further delve into SSL/TLS session-aware user authentication and the possibilities for implementing it. More specifically, we overview, discuss, and put into perspective a proof-of-concept implementation that demonstrates the feasibility of the token-based approach. The results are promising, and we intend to develop turnkey solutions that protect e-commerce applications against MITM attacks.

Keywords. Electronic commerce, security, man-in-the-middle attack, SSL/TLS protocol, SSL/TLS-aware user authentication
Rolf Oppliger, Ralf Hauser, David A. Basin