NDLI: In-the-wire authentication: Protecting client-side critical data fields in secure network transactions

Content Provider	IEEE Xplore Digital Library
Author	Currie, M.W.
Copyright Year	2009
Description	Author affiliation: Ziliant Systems, Durban, South Africa (Currie, M.W.)
Abstract	Secure Internet services like online banking require a "trusted terminal" on the client-side. However, even where strong client-side security is employed, the client PC is often used for input and output of sensitive information like PINs/passwords, amounts, account numbers, etc. These transactions are therefore vulnerable to manipulation by malware. A method is presented here allowing web users to share small amounts of secret information including passwords and account numbers with a large number of existing Internet services by creating a cryptographically secure trusted path between the web user and the service. The trusted path is created with the support of a hand-held user terminal device "in-the-wire" between the user's PC and the service thus preventing malware on the user's PC from manipulating login and other sensitive data. A key feature is that the trusted terminal device can be retrofitted on the client-side and require no changes to the server-side. This creates a new class of client-centric communications security hardware allowing web users to protect their transactions using strong hardware security without relying on service providers. It offers the industry an alternative to the current service-centric approach which is often hamstrung by a chicken-and-egg problem of critical mass adoption.
Starting Page	232
Ending Page	237
File Size	137160
Page Count	6
File Format	PDF
ISBN	9781424435227
ISSN	08558906
DOI	10.1109/ICASTECH.2009.5409720
Language	English
Publisher	Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher Date	2009-01-14
Publisher Place	Ghana
Access Restriction	Subscribed
Rights Holder	Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subject Keyword	Data security Internet security Password security Man-in-the-middle Network servers Web and internet services Authentication Information security Computer network security TLS security Cryptography IP networks Protection Web server Computer security
Content Type	Text
Resource Type	Article

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in