Enhancing web browsing security on public terminals using mobile composition

MobiSys'08 - Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services

Volumn , Issue , 2008, Pages 94-105

  Sharp, Richard ^a   Madhavapeddy, Anil ^a   Want, Roy ^b   Pering, Trevor ^b  

^a Citrix Systems Inc   (United States)

^b INTEL CORPORATION   (United States)

Author keywords

Crimeware; Phishing; Split trust; Trusted personal device; User interface design

Indexed keywords

CRIMEWARE; PHISHING; SPLIT-TRUST; TRUSTED PERSONAL DEVICE; USER INTERFACE DESIGN;

APPLICATIONS; ARCHITECTURAL DESIGN; CELLULAR TELEPHONE SYSTEMS; GLOBAL SYSTEM FOR MOBILE COMMUNICATIONS; INTERNET; MOBILE DEVICES; PORT TERMINALS; TELECOMMUNICATION EQUIPMENT; USER INTERFACES; VIDEO STREAMING; WIRELESS NETWORKS; WORLD WIDE WEB;

SECURITY OF DATA;

EID: 57349110593     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1378600.1378612     Document Type: Conference Paper

References (33)

1. ALVES, T., AND FELTON, D. TrustZone: Integrated hardware and software security, July 2004. ARM Report.
2. ANDERSON, R., Trusted Computing FAQ. Available at: http://www.cl.cam.ac. uk/users/rjal4/tcpa-faq.html
3. ANDERSON, R., STAJANO, F., AND LEE, J.-H. Security policies. In Advances in Computers, Vol. 55 (2001), Academic Press.
4. ANTI-PHISHING WORKING GROUP (APWG). Phishing activity trends report, June 2005. http://antiphishing.org/.
5. ANTI-PHISHING WORKING GROUP (APWG) expands online identity theft charter. Aug. 3rd 2005 edition of Business Wire. Available: http://www.businesswire.com/ .
6. BALFANZ, D., AND FELTON, E. Hand-held computers can be better smart cards. Proc. of USENIX Security 1999.
7. BBC NEWS: First mobile phone virus created: At http://news.bbc.co.Uk/1/ hi/technology/3809855.htm.
8. BLUETOOTH SPECIFICATION VERSION 1.1. Available at: http://www.bluetooth. com/.
9. BOSWELL, D., KING, B., OESCHGER, I., COLLINS, P., AND MURPHY, E. Creating Applications with Mozilla. O'Reilly, 2002.
10. CHOWN, P. Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS). RFC 3268.
11. COLE, B. Intel hardwires security in new mobile IA PXA27x CPU family. http://iappliancweb.com/story/OEG20040412N0006BC.htm.
12. DIERKS, T." The TLS protocol", IETF Network Working Group RFC 2246, January 1999.
13. FLANAGAN, D. JavaScript: The Definitive Guide. O'Reilly, 2002.
14. GARRISS, S., CACERES, R, BERGER, S., SAILER, R., VAN DOORN, L., & ZHANG, X., "Towards Trustworthy Kiosk Computing", Proc. of IEEE HotMobile 2007
15. HARKINS, D., AND CARREL, D. The Internet Key Exchange. RFC 2409.
16. JOSEFSSON, S. The Base 16, Base32, and Base64 data encodings. RFC 3548.
17. KAMADA, T. Compact HTML for small information appliances, 1998. W3CNote: Available: http://www.w3.org/TR/1998/NOTEcopactHTML19980209/
18. LECLAIRE, J. Pharming and SPIM plaguing Internet. 4th June 2005. TechNewsWorld. At http://www.technewsworld.com/story/news/42054.html.
19. LEYDEN, J. UK police issue "vicious" Trojan alert. 13th August 2004. The Register. Available from http://www.theregister.co.uk/2004/08/13/ trojan phish/.
20. McCUNE, J., PERRIG, A., REITER, M. Bump in the ether: a framework for securing sensitive user input. In Proceedings of USENIX 2006. USENIX Association.
21. MYERS, B. A. Using handhelds and PCs together. Communication of the ACM 44, 11 (2001), pp34-41.
22. NARAYANASWAMI, C., RAGHUNATH, M. T., KAMIJOH, N., AND INOUE, T. What would you do with 100 MIPS on your wrist? Tech. Rep. RC 22057 (98634), IBM Research, January 2001.
23. OPREA, A., BALFANZ, D., DURFEE, G., AND SMETTERS, D. Securing a remote terminal application with a mobile trusted device. In Proceedings of ACSA 2004. Available at: http://www.acsa-admin.org/.
24. PERING, T., AND KOZUCH, M. Situated mobility: Using situated displays to support mobile activities. In Public and Situated Displays: Social and Interactional Aspects of Shared Display Technologies (2003), Kluwer.
25. RAGHUNATH, M., NARAYANASWAMI, C., AND PINHANEZ, C. Fostering a symbiotic handheld environment. Computer 36, 9 (2003), pp56-65.
26. ROSS, B., JACKSON, C., MIYAKE, N., BONEH, D., AND MITCHELL, J. C. Stronger password authentication using browser extensions. In Proc. of the USENIX Security Symposium (2005), USENIX association.
27. ROSS, S. J., HILL, J. L., CHEN, M. Y., JOSEPH, A. D., CULLER, D. E., AND BREWER, E. A. A composable framework for secure multi-modal access to Internet services from Post-PC devices. Mobile. Network Applications. 7, 5 (2002), 389-406.
28. SCHNEIER, B. Applied cryptography: protocols, algorithms, and sourcecode in C. John Wiley & Sons, New York, 1994.
29. SHARP, R., SCOTT, J., AND BERESFORD, A. Secure mobile computing via public terminals. Proceedings of Pervasive 2006. Springer-Verlag.
30. SOPHOS PRESS RELEASE. UK online bank accounts put at risk by new trojan. Available from http://www.sophos.com/virusinfo/articles/ukbanktrojan.html.
31. WANT, R, PERING, T., DANNEELS, G., KUMAR, M., SUNDAR, M., & LIGHT, J. The personal server: Changing the way we think about ubiquitous computing. Proc. 4th Int. Conf. on Ubiquitous Computing, 2002, pp194-209. Goteburg, Sweden, Springer LNCS 2498.
32. YLONEN, T. SSH transport layer protocol. RFC 4253.
33. XMLHTTP. Available at: http://en.wikipedia.org/wiki/XMLHttpRequest.