Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing

A
ARES
2007
The Second International Conference on Availability, Reliability and Security (ARES'07)
Abstract - Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Sebastian Gajek Articles by Ahmad-Reza Sadeghi Articles by Christian Stuble Articles by Marcel Winandy

The Second International Conference on Availability, Reliability and Security (ARES'07)

Vienna, Austria

April 10-April 13

ISBN: 0-7695-2775-2

	ASCII Text	x
	Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stuble, Marcel Winandy, "Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing," Availability, Reliability and Security, International Conference on, pp. 120-127, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.59, author = {Sebastian Gajek and Ahmad-Reza Sadeghi and Christian Stuble and Marcel Winandy}, title = {Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {120-127}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.59}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing SN - 0-7695-2775-2 SP120 EP127 A1 - Sebastian Gajek, A1 - Ahmad-Reza Sadeghi, A1 - Christian Stuble, A1 - Marcel Winandy, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Sebastian Gajek, Ruhr-University Bochum, Germany

Ahmad-Reza Sadeghi, Ruhr-University Bochum, Germany

Christian Stuble, Ruhr-University Bochum, Germany

Marcel Winandy, Ruhr-University Bochum, Germany

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.59

Identity theft through phishing attacks has become a major concern for Internet users. Typically, phishing attacks aim at luring the user to a faked web site to disclose personal information. Existing solutions proposed against this kind of attack can, however, hardly counter the new generation of sophisticated malware phishing attacks, e.g., pharming Trojans, designed to target certain services. This paper aims at making the first steps towards the design and implementation of a security architecture that prevents both classical and malware phishing attacks. Our approach is based on the ideas of compartmentalization for isolating applications of different trust level, and a trusted wallet for storing credentials and authenticating sensitive services. Once the wallet has been setup in an initial step, our solution requires no special care from users for identifying the right web sites while the disclosure of credentials is strictly controlled. Moreover, a prototype of the basic platform exists and we briefly describe its implementation.

Citation:

Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stuble, Marcel Winandy, "Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing," ares, pp.120-127, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.