Topic
Trusted path
About: Trusted path is a research topic. Over the lifetime, 150 publications have been published within this topic receiving 4513 citations. The topic is also known as: trusted channel.
Papers published on a yearly basis
Papers
6 Jul 2005
TL;DR: A new scheme is proposed, Dynamic Security Skins, that allows a remote web server to prove its identity in a way that is easy for a human user to verify and hard for an attacker to spoof.
Abstract: Phishing is a model problem for illustrating usability concerns of privacy and security because both system designers and attackers battle using user interfaces to guide (or misguide) users.We propose a new scheme, Dynamic Security Skins, that allows a remote web server to prove its identity in a way that is easy for a human user to verify and hard for an attacker to spoof. We describe the design of an extension to the Mozilla Firefox browser that implements this scheme.We present two novel interaction techniques to prevent spoofing. First, our browser extension provides a trusted window in the browser dedicated to username and password entry. We use a photographic image to create a trusted path between the user and this window to prevent spoofing of the window and of the text entry fields.Second, our scheme allows the remote server to generate a unique abstract image for each user and each transaction. This image creates a "skin" that automatically customizes the browser window or the user interface elements in the content of a remote web page. Our extension allows the user's browser to independently compute the image that it expects to receive from the server. To authenticate content from the server, the user can visually verify that the images match.We contrast our work with existing anti-phishing proposals. In contrast to other proposals, our scheme places a very low burden on the user in terms of effort, memory and time. To authenticate himself, the user has to recognize only one image and remember one low entropy password, no matter how many servers he wishes to interact with. To authenticate content from an authenticated server, the user only needs to perform one visual matching operation to compare two images. Furthermore, it places a high burden of effort on an attacker to spoof customized security indicators.
613 citations
8 May 2005
TL;DR: This work presents and analyzes seeing-is-believing, a system that utilizes 2D barcodes and camera-telephones to implement a visual channel for authentication and demonstrative identification of devices, and applies this visual channel to several problems in computer security.
Abstract: Current mechanisms for authenticating communication between devices that share no prior context are inconvenient for ordinary users, without the assistance of a trusted authority. We present and analyze seeing-is-believing, a system that utilizes 2D barcodes and camera-telephones to implement a visual channel for authentication and demonstrative identification of devices. We apply this visual channel to several problems in computer security, including authenticated key exchange between devices that share no prior context, establishment of a trusted path for configuration of a TCG-compliant computing platform, and secure device configuration in the context of a smart home.
599 citations
Patent•
20 Apr 1994
TL;DR: In this paper, a hardware latch is used to protect the codes in non-volatile memory from being overwritten by subsequent untrusted programs, and the latch is only reset at system restart, when control returns to the bootstrap program.
Abstract: A method and device for reliably assessing the integrity of a computer system's software prevents execution of corrupted programs at time of system initialization, enhancing system security. Programs and data comprising the system's trusted software, including all startup processes, are verified before being utilized. Methods to verify the trusted software use a hierarchy of both modification detection codes and public-key digital signature codes. The top-level codes are placed in a protectable non-volatile storage area, and are used by the startup program to verify the integrity of subsequent programs. A trusted initialization program sets a hardware latch to protect the codes in the non-volatile memory from being overwritten by subsequent untrusted programs. The latch is only reset at system restart, when control returns to the bootstrap program. Software reconfiguration is possible with trusted programs that write new top-level codes while the latch is open. The mechanism itself is immune to malicious software attack when the write-protect latch is closed before running untrusted software. Preferred embodiments in an IBM-compatible personal computer uses the reset switch to initiate a trusted path between the user and a program. Damage from certain classes of computer virus and trojan horse attacks is prevented. A system recovery process is described. A related improved method for user authentication uses a read-and -write memory protection latch to prevent access to sensitive authentication data.
448 citations
Patent•
26 Oct 1993TL;DR: In this article, a data communication system providing for the secure transfer and sharing of data via a local area network and/or a wide area network is described, which includes a secure processing unit which communicates with a personal keying device and a crypto media controller attached to a user's Workstation.
Abstract: A data communication system providing for the secure transfer and sharing of data via a local area network and/or a wide area network. The system includes a secure processing unit which communicates with a personal keying device and a crypto media controller attached to a user's Workstation. The communication between these processing elements generates a variety of data elements including keys, identifiers, and attributes. The data elements are used to identify and authenticate the user, assign user security access rights and privileges, and assign media and device attributes to a data access device according to a predefined security policy. The data elements are manipulated, combined, protected, and distributed through the network to the appropriate data access devices, which prevents the user from obtaining unauthorized data.
448 citations
Patent•
31 Aug 1992TL;DR: In this article, a system and method for auditing and controlling the use of a computer is presented, where an operating system and selected programs and data are stored on a protected media which cannot be modified by any ordinary user or application program, regardless of operating system privilege.
Abstract: A system and method for auditing and controlling the use of a computer. An operating system and selected programs and data , referred to as approved applications and approved data , are stored on a protected media which cannot be modified by any ordinary user or application program, regardless of operating system privilege. The protected media can be modified by the operating system, as well as by an administrator using a trusted path mechanism. The trusted path mechanism establishes a reliable communication channel between the administrator and the computer system. The present invention may be configured to collect user audit data concerning user activity and system status and to write the audit data to the protected media. Also, the present invention may be configured to limit execution of application programs to the approved applications.
199 citations
Related Topics (5)
Performance Metrics
| Year | Papers |
|---|---|
| 2021 | 1 |
| 2020 | 5 |
| 2019 | 8 |
| 2018 | 10 |
| 2017 | 11 |
| 2016 | 9 |