Trusted paths for browsers
Source: ACM Transactions on Information and System Security (TISSEC)
Volume 8, Issue 2 (May 2005)
Pages: 153-186
Year of Publication: 2005
ISSN: 1094-9224
Authors
Zishuang (Eileen) Ye, Dartmouth College, Hanover, NH
Sean Smith, Dartmouth College, Hanover, NH
Denise Anthony, Dartmouth College, Hanover, NH
Publisher
ACM, New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 22,   Downloads (12 Months): 212,   Citation Count: 5
DOI: http://doi.acm.org/10.1145/1065545.1065546

ABSTRACT

Computer security protocols usually terminate in a computer; however, the human-based services which they support usually terminate in a human. The gap between the human and the computer creates potential for security problems. We examine this gap, as it is manifested in secure Web servers. Felten et al. demonstrated the potential, in 1996, for malicious servers to impersonate honest servers. In this paper, we show how malicious servers can still do this---and can also forge the existence of an SSL session and the contents of the alleged server certificate. We then consider how to systematically defend against Web spoofing, by creating a trusted path from the browser to the human user. We present potential designs, propose a new one, prototype it in open-source Mozilla, and demonstrate its effectiveness via user studies.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Alsaid, A. and Marti, D. 2002. Detecting web bugs with Bugnosis: Privacy advocacy through education. In Proceedings of the 2nd Workshop on Privacy Enhancing Technologies, San Francisco, CA. Springer-Verlag, Berlin.
 
2
ArticSoft Limited. 2000. WebAssurity. Online resource. http://www.articsoft.com/webassurity.htm.
 
3
Barbalac, R. 2000. Making something look hacked when it isn't. The Risks Digest 21, 16 (Dec.).
 
4
Bonisteel, S. 2001. Microsoft browser slips up on SSL certificates. Online resource. http://www.computeruser.com/news/01/12/27/news4.html.
 
5
Dean, D. and Wallach, D. 2001. Personal communication.
 
6
Department of Defense. 1985. Trusted Computer System Evaluation Criteria. DoD 5200.28-STD.
 
7
 
8
 
9
Ellison, C. 2000. Personal communication.
 
10
 
11
Felten, E., Balfanz, D., Dean, D., and Wallach, D. 1997. Web spoofing: An internet con game. In The 20th National Information Systems Security Conference, Baltimore, MD.
 
12
Fogg, B., Soohoo, C., Danielson, D., Marable, L., Stanford, J., and Tauber, E. 2002. How do People Evaluate a Web Site's Credibility? Results from a Large Study. Tech. Rep., Consumer WebWatch/Stanford Persuasive Technology Lab.
13
 
14
GeoTrust, Inc. 2003. True site: Identity assurance for Web sites. Online resource. http://www.geotrust.com/true_site/index.htm.
 
15
Herzberg, A. and Gbara, A. 2004. Protecting (even) naive Web users, or: preventing spoofing and establishing credentials of Web sites. Draft.
 
16
 
17
 
18
Lefranc, S. and Naccache, D. 2003. Cut-&-paste attacks with JAVA. In Information Security and Cryptology---ICISC 2002. LNCS 2587, Springer-Verlag, Berlin.
 
19
Marchesini, J., Smith, S., and Zhao, M. 2003. Keyjacking: Risks of the current client-side infrastructure. In Proceedings of the 2nd Annual PKI Research Workshop, Gaithersburg, MD.
 
20
Maremont, M. 1999. Extra! extra!: Internet hoax, get the details. The Wall Street Journal.
 
21
Mozilla Organization, the. 2001. Gecko DOM reference. Online resource. http://www.mozilla.org/docs/dom/domref/dom_window_ref.html.
 
22
Norman, E. 2002. Personal communication.
 
23
Paoli, F. D., DosSantos, A., and Kemmerer, R. 1997. Vulnerability of ‘secure’ web browsers. In Proceedings of the National Information Systems Security Conference.
 
24
Perrig, A. and Song, D. 1999. Hash visualization: A new technique to improve real-world security. In Proceedings of the 1999 International Workshop on Cryptographic Techniques and E-Commerce.
 
25
 
26
Rome, J. 1995. Compartmented mode workstations. Online resource. http://www.ornl.gov/~jar/doecmw.pdf.
 
27
Secunia. 2004. Mozilla/Mozilla Firefox user interface spoofing vulnerability. Secunia Advisory SA12188. http://secunia.com/advisories/12188/.
 
28
Secure Software, Inc. EGADS homepage. Online resource. http://www.securesoftware.com/download_form_egads.htm.
 
29
Smith, S. 2000. WebALPS: Using Trusted Co-Servers to Enhance Privacy and Security of Web Interactions. Tech. Rep. IBM T.J. Watson Research Center Research Report RC 21851.
30
 
31
 
32
Sullivan, B. 2000. Scam artist copies PayPal Web site. The page expired, but related discussion exists at http://www.landfield.com/isn/mail-archive/2000/Jul/0100.html.
 
33
Turner, C. 2003. How do consumers form their judgments of the security of e-commerce web sites? In ACM/CHI2003 Workshop on Human-Computer Interaction and Security Systems, Fort Lauderdale, FL. http://www.andrewpatrick.ca/CHI2003/HCISEC/index.html.
 
34
Tygar, J. and Whitten, A. 1996. WWW electronic commerce and Java trojan horses. In Proceedings of the 2nd USENIX Workshop on Electronic Commerce.
 
35
United States Securities And Exchange Commission. 1999. Litigation release no. 16266. Online Resource. http://www.sec.gov/litigation/litreleases/lr16266.htm.
 
36
Weiser, R. 2001. Personal communication.
 
37
Whitten, A. and Tygar, J. 1999. Why Johnny can't encrypt: A usability evaluation of PGP 5.0. In Proceedings of the 8th USENIX Security Symposium (Washington D.C.).
 
38
Ye, Z. 2002. Building trusted paths for Web browsers. M.S. Thesis, Department of Computer Science, Dartmouth College, Hanover, NH.
 
39
 
40
Ye, Z., Yuan, Y., and Smith, S. 2002. Web Spoofing Revisited: SSL and Beyond. Tech. Rep. Department of Computer Science, Dartmouth College, TR2002-417.
 
41

