Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2009
ACM
2009
ACM
TruWallet: trustworthy and migratable wallet-based web authentication
Identity theft has fostered to a major security problem on the Internet, in particular stealing passwords for web applications through phishing and malware. We present TruWallet, a wallet-based authentication tool that improves previous solutions for protecting web-based authentication. In contrast to other wallet-based solutions, TruWallet provides (i) strong protection for users’ credentials and sensitive data by cryptographically binding them to the user’s platform configuration based on Trusted Computing technology, (ii) an automated login procedure where the server is authenticated independently from (SSL) certificates, thus limiting the possibility of attacks based on hijacked certificates and allowing less dependency on the SSL PKI model, and (iii) a secure migration protocol for transferring wallet data to other platforms. Our implementation uses a small virtualization-based security kernel with trusted computing support and works with standard SSL-based authentication ...
Real-time Traffic| Added | 24 Jul 2010 |
| Updated | 24 Jul 2010 |
| Type | Conference |
| Year | 2009 |
| Where | CCS |
| Authors | Sebastian Gajek, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy |
Comments (0)
Researcher Info
|
