Issue No. 03 - March (2008 vol. 41)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2008.98
Rolf Oppliger , eSECURITY Technologies
Ralf Hauser , PrivaSphere AG
David Basin , ETH Zurich
Overall, transport layer security with session-aware user authentication offers a promising approach to solving man-in-the-middle attack problems by leveraging the legacy authentication mechanisms and systems that the general public has become accustomed to using.
man-in-the-middle (MITM) attacks, security, user authentication, SSL/TLS protocols
D. Basin, R. Hauser and R. Oppliger, "SSL/TLS Session-Aware User Authentication," in Computer, vol. 41, no. , pp. 59-65, 2008.