Academic
Publications
Unidirectional trusted path: Transaction confirmation on just one device

Unidirectional trusted path: Transaction confirmation on just one device,10.1109/DSN.2011.5958202,Atanas Filyanov,Jonathan M. McCuney,Ahmad-Reza Sadeg

Unidirectional trusted path: Transaction confirmation on just one device  
BibTex | RIS | RefWorks Download
Commodity computer systems today do not in- clude a full trusted path capability. Consequently, malware can control the user's input and output in order to reveal sensitive information to malicious parties or to generate manipulated transaction requests to service providers. Recent hardware offers compelling features for remote attestation and isolated code execution, however, these mechanisms are not widely used in deployed systems to date. We show how to leverage these mechanisms to establish a "one-way" trusted path allowing service providers to gain assurance that users' transactions were indeed submitted by a human operating the computer, instead of by malware such as transaction generators. We design, implement, and evaluate our solution, and argue that it is practical and offers immediate value in e-commerce, as a replacement for captchas, and in other Internet scenarios. Keywords-security; transaction confirmation; trusted path; trusted computing;
Conference: Dependable Systems and Networks - DSN , pp. 1-12, 2011
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.