Delegate: A Proxy Based Architecture for Secure Website Access From an Untrusted Machine
Performing sensitive online transactions using computers found in cybercafes and public libraries is risky. The untrusted nature of these machines creates a target rich environment. A simple keystroke logger, a common payload of many viruses, records and transmits the secret information (e.g., passwords, credit card numbers, PIN numbers) entered into these machines. In addition, sophisticated malware can hijack a user's authenticated session to perform unauthorized transactions masquerading as the user. This paper presents Delegate, a proxy-based architecture that enables a user to access web sites without disclosing personal information to untrusted machines.