Sciweavers

COMCOM
2006
75views more  COMCOM 2006»
14 years 15 days ago
SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle
Abstract. Man-in-the-middle attacks pose a serious threat to SSL/TLSbased electronic commerce applications, such as Internet banking. In this paper, we argue that most deployed use...
Rolf Oppliger, Ralf Hauser, David A. Basin
COMPUTER
2008
86views more  COMPUTER 2008»
14 years 17 days ago
SSL/TLS Session-Aware User Authentication
Man-in-the-middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications, such as Internet banking. SSL/TLS session-aware user authentication can be used to ...
Rolf Oppliger, Ralf Hauser, David A. Basin
COMPSEC
2008
99views more  COMPSEC 2008»
14 years 17 days ago
SSL/TLS session-aware user authentication revisited
Man-in-the-middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications, and there are only a few technologies available to mitigate the risks. In [OHB05], ...
Rolf Oppliger, Ralf Hauser, David A. Basin
KIVS
2007
Springer
14 years 6 months ago
A Proof of Concept Implementation of SSL/TLS Session-Aware User Authentication (TLS-SA)
Abstract Most SSL/TLS-based e-commerce applications employ conventional mechanisms for user authentication. These mechanisms—if decoupled from SSL/TLS session establishment—are...
Rolf Oppliger, Ralf Hauser, David A. Basin, Aldo R...