Identificador persistente para citar o vincular este elemento: http://hdl.handle.net/10553/51896
Título: Pocket device for authentication and data integrity on Internet banking applications
Autores/as: De La Puente Arrate, Fernando 
Sandoval González, Juan Domingo 
Hernández Morera, Pablo Vicente 
Clasificación UNESCO: 330790 Microelectrónica
Palabras clave: Online Banking
Authentication
Data Integrity
Digital Signer Device
Optical Communication
Fecha de publicación: 2003
Editor/a: Institute of Electrical and Electronics Engineers (IEEE) 
Conferencia: 37th Annual International Carnahan Conference on Security Technology 
Resumen: During the last decades we have witnessed an exponential growth of the number of computer viruses. However, the real threat we are now facing is not so much the fact that a virus can make thousands of copies of itself in our computer, but the wide range of things they can do with the data stored or processed in it. One field in which this fact should be considered with special care is electronic banking. These online services are normally accessed from personal computers with low protection. The operating systems used on these computers tend to sacrifice the security on behalf of the commodity of the user. Under such circumstances, it would be rather easy to implement a man-in-the-middle attack in order to intercept the data exchanged with the bank. This way an attacker could end up controlling the money in our bank accounts. In order to illustrate this assertion, we will outline some possible attacks that can break the security of several security systems, from passwords authentication to smart cards. The conclusion that we extract from here is that we can not trust our computers: The data we input on the computer can be stolen, the data exchanged with other computers on the web can also be intercepted and even modified, and the output we get from the computer monitor may not correspond to the data it is about to process and send in our name. Therefore, an trusted device is needed when performing banking operations over the internet. Here we propose a digital signer device that not only provides a tamper proof storage for the digital signature but also provides its own display and keyboard. This system improves the security of smart cards by avoiding its dependence on the computer to interface with the user, making it immune to virus attacks.
URI: http://hdl.handle.net/10553/51896
ISBN: 0-7803-7882-2
DOI: 10.1109/CCST.2003.1297533
Fuente: 37Th Annual 2003 International Carnahan Conference On Security Technology, Proceedings, p. 43-50, (2003)
Colección:Actas de congresos
Vista completa

Google ScholarTM

Verifica

Altmetric


Comparte



Exporta metadatos



Los elementos en ULPGC accedaCRIS están protegidos por derechos de autor con todos los derechos reservados, a menos que se indique lo contrario.