Trusted paths for browsers
Computer security protocols usually terminate in a computer; however, the human-based
services which they support usually terminate in a human. The gap between the human and …
services which they support usually terminate in a human. The gap between the human and …
Security and identification indicators for browsers against spoofing and phishing attacks
A Herzberg, A Jbara - ACM Transactions on Internet Technology (TOIT), 2008 - dl.acm.org
In spite of the use of standard Web security measures (SSL/TLS), users enter sensitive
information such as passwords into fake Web sites. Such fake sites cause substantial …
information such as passwords into fake Web sites. Such fake sites cause substantial …
The battle against phishing: Dynamic security skins
R Dhamija, JD Tygar - Proceedings of the 2005 symposium on Usable …, 2005 - dl.acm.org
Phishing is a model problem for illustrating usability concerns of privacy and security
because both system designers and attackers battle using user interfaces to guide (or …
because both system designers and attackers battle using user interfaces to guide (or …
Forcehttps: protecting high-security web sites from network attacks
C Jackson, A Barth - Proceedings of the 17th international conference …, 2008 - dl.acm.org
As wireless networks proliferate, web browsers operate in an increasingly hostile network
environment. The HTTPS protocol has the potential to protect web users from network …
environment. The HTTPS protocol has the potential to protect web users from network …
[PDF][PDF] Trustbar: Protecting (even naive) web users from spoofing and phishing attacks
A Herzberg, A Gbara - 2004 - researchgate.net
In spite of the use of standard web security measures (SSL/TLS), users often fail to
detectspoofedweb forms, and enter into them sensitive information such as passwords …
detectspoofedweb forms, and enter into them sensitive information such as passwords …
Building a secure web browser
S Ioannidis, SM Bellovin - 2001 - academiccommons.columbia.edu
Over the last several years, popular applications such as Microsoft Internet Explorer and
Netscape Navigator have become prime targets of attacks. These applications are targeted …
Netscape Navigator have become prime targets of attacks. These applications are targeted …
Visual spoofing of SSL protected web sites and effective countermeasures
Today the standard means for secure transactions in the World Wide Web (WWW) are the
SSL/TLS protocols, which provide secure (ie, private and authentic) channels between …
SSL/TLS protocols, which provide secure (ie, private and authentic) channels between …
SOMA: Mutual approval for included content in web pages
Unrestricted information flows are a key security weakness of current web design. Cross-site
scripting, cross-site request forgery, and other attacks typically require that information be …
scripting, cross-site request forgery, and other attacks typically require that information be …
Why Johnny can't surf (safely)? Attacks and defenses for web users
A Herzberg - computers & security, 2009 - Elsevier
In their seminal article “Why Johnny Can't Encrypt”[Whitten A, Tygar JD. Why Johnny can't
encrypt: a usability case study of PGP 5.0. In: Proceedings of the eighth USENIX security …
encrypt: a usability case study of PGP 5.0. In: Proceedings of the eighth USENIX security …
The dos and don'ts of client authentication on the web
Client authentication has been a continuous source of problems on the Web. Although many
well-studied tech-niques exist for authentication, Web sites continue to use extremely weak …
well-studied tech-niques exist for authentication, Web sites continue to use extremely weak …