Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine

A
ACSAC
2006
22nd Annual Computer Security Applications Conference (ACSAC'06)
Abstract - Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ravi Chandra Jammalamadaka Articles by Timothy W. van der Horst Articles by Sharad Mehrotra Articles by Kent E. Seamons Articles by Nalini Venkasubramanian

22nd Annual Computer Security Applications Conference (ACSAC'06)

Miami Beach, Florida, USA

December 11-December 15

ISBN: 0-7695-2716-7

	ASCII Text	x
	Ravi Chandra Jammalamadaka, Timothy W. van der Horst, Sharad Mehrotra, Kent E. Seamons, Nalini Venkasubramanian, "Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine," Computer Security Applications Conference, Annual, pp. 57-66, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006.

	BibTex	x
	@article{ 10.1109/ACSAC.2006.23, author = {Ravi Chandra Jammalamadaka and Timothy W. van der Horst and Sharad Mehrotra and Kent E. Seamons and Nalini Venkasubramanian}, title = {Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2006}, issn = {1063-9527}, pages = {57-66}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.23}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine SN - 1063-9527 SP57 EP66 A1 - Ravi Chandra Jammalamadaka, A1 - Timothy W. van der Horst, A1 - Sharad Mehrotra, A1 - Kent E. Seamons, A1 - Nalini Venkasubramanian, PY - 2006 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Ravi Chandra Jammalamadaka, University of California, Irvine, USA

Timothy W. van der Horst, Brigham Young University, USA

Sharad Mehrotra, University of California, Irvine, USA

Kent E. Seamons, Brigham Young University, USA

Nalini Venkasubramanian, University of California, Irvine, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.23

Performing sensitive online transactions using computers found in cybercaf?es and public libraries is risky. The untrusted nature of these machines creates a target rich environment. A simple keystroke logger, a common payload of many viruses, records and transmits the secret information (e.g., passwords, credit card numbers, PIN numbers) entered into these machines. In addition, sophisticated malware can hijack a user?s authenticated session to perform unauthorized transactions masquerading as the user.

This paper presents Delegate, a proxy-based architecture that enables a user to access web sites without disclosing personal information to untrusted machines. Delegate enforces rules at the proxy to detect and prevent session hijacking. This architecture leverages users? trusted mobile devices, e.g., cell phones, and requires no modification to web servers or the untrusted machines. Delegate is designed to provide a balance between security and usability.

Citation:

Ravi Chandra Jammalamadaka, Timothy W. van der Horst, Sharad Mehrotra, Kent E. Seamons, Nalini Venkasubramanian, "Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine," acsac, pp.57-66, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.