A Proof of Concept Implementation of SSL/TLS Session-Aware User Authentication

Download Now
Provided by: ETH Zurich
Topic: Security
Format: PDF
Man-In-The-Middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications, such as Internet banking. SSL/TLS session-aware user authentication can be used to mitigate the risks and to protect users against MITM attacks in an SSL/TLS setting. In this paper, the authors further delve into SSL/TLS session-aware user authentication and possibilities to implement it. More specifically, they overview, discuss, and put into perspective a proof of concept implementation that demonstrates the feasibility of the token-based approach.
Download Now

Find By Topic