Enhancing Web Browsing Security on Public Terminals Using Mobile Composition Richard Sharp & Anil Madhavapeddy, Roy Want & Trevor Pering ACM MobiSys08.


1 Enhancing Web Browsing Security on Public Terminals Using Mobile Composition
Richard Sharp & Anil Madhavapeddy, Roy Want & Trevor Pering
ACM MobiSys
Ahn Jung-Sang

2 Content
Introduction
System Overview
Security Model
Technical Details
Performance Evaluation
Conclusion

3 Introduction
Crimeware
  – Malicious software to facilitate illegal activity
      – Stealing identities, committing fraud
  – Key-logger, screen-grabber
      – Most prevalent crimeware
Current web security model
  – HTTPS/SSL
      – Protects data in transit between client & server
      – Cannot protect data on an untrusted user PC

4 Introduction
Split-Trust Browsing
  – Combination of 2 devices
      – General purpose networked PC (untrusted)
      – Personal trusted device
  – Linked together as device composition
      – USB, Bluetooth, Wireless, etc.
  – Security-critical operations are performed on the device
      – Using its display & keypad for I/O
      – Information entered on the device cannot be read by the PC
  – Thwarting PC-based key-loggers

5 System Overview
[Figure: architecture diagram. Labels: Untrusted PC, Trusted Personal Device, Browser, RDC Agent, Browser, Internet, Web Server]

6 System Overview
RDC (Remote Device Communication) Agent
  – Forwards messages between web server & personal device
      – With encryption & decryption
  – Session key is known only to server & device
      – Crimeware on PC is unable to read
Two separate Internet connections
  – This does not mean establishing an additional Internet connection
  – Data between server & device is tunneled over the PC's connection
Assumption
  – Web applications have been written explicitly to support split-trust browsing

7 Security Model
Threat Model
  – Attacker's motivation: to steal information
      – Passive monitoring attacks: recording everything from PC
      – Active injection attacks: injecting malicious data packets into PC
  – PC-based browser is untrustworthy
Security Policy Model
  1. Communication channel between server & device must be authenticated & encrypted.
  2. All security-sensitive forms must be filled in on the device.
  3. All security-sensitive information must be displayed only on the device.
  4. Web app. must not allow submission from device to be replayed.
  5. All security-critical operations must be initiated by the device.

8 Security Model
Property 5
  – All security-critical operations must be initiated by the device
  – Example
      – Charlie says to Bob: "Please sign the following authorization to transfer $100 from your account to Alice's account"
      – But the paper says only "I authorize the money transfer"
      – Bob signs the paper, and Charlie takes it to the bank
      – Charlie says to the cashier: "Here's the authorization to transfer all funds from Bob's account to my account"
  – Text of confirmation must fully specify the action being initiated.

9 Security Model
Property 4
  – Web application must not allow form submission messages from device to be replayed
      – Must not accept data arising from the same form submission
  – Why? Consider the following attack
      – On-line banking sends a form asking to confirm money transfer
      – When user submits the form, the PC records the submit message
      – Attacker may maliciously initiate another money transfer, and replay the user's previous confirmation message to complete it

10 Technical Details
Architecture
  – Trusted personal device: cell phone (Motorola E680)
      – Connected using Bluetooth
      – Runs a simple cHTML browser
  – Web browser: Firefox
  – RDC agent: implemented as a Firefox browser extension
  – Embedded message: AES-encrypted, Base64

11 Technical Details
Embedding Split-Trust in HTML
  – Meta tag specifies that this page contains embedded messages
  – Form contains hidden field that stores value attribute
  – The name attribute associates form field with event

12 Technical Details
RDC Agent
  – Runs as a Firefox browser extension
  – Written in a combination of JavaScript & XML
  – First checks for the meta tag
      – If present, uses the DOM API to check whether there are any rdc-prefixed hyperlink tags
      – For each hyperlink tag, an event listener is added with a callback function
  – Forwards its associated message to the personal device

13 Technical Details
RDC Agent
  – Authentication and Key Exchange
      – Negotiation of a session key uses SSHv2 diffie-hellman-group1-sha1 with RSA host keys
  – Starts with a meta tag with name=kex-init

14 Technical Details
Components on the Cell Phone
  – Crypto Layer
      – Cross-compiled open source GNU Multi-Precision Arithmetic Library (libGMP)
      – Open source AES implementation
  – cHTML browser
      – Unable to interface this system with the phone's built-in browser
      – Implemented a simple cHTML browser as a Java MIDP app.
  – Interfaces with Crypto layer via a loopback TCP connection

15 Technical Details
Dealing with Forms
  – When user clicks tag
      – RDC forwards rdc-onClick-0-msg to personal device.
      – This message contains encrypted cHTML content + form field
      – The phone relays message back to RDC in its HTML response
      – This triggers the RDC to poll the phone for the user's response

16 Technical Details
  – When user selects submit in the phone's browser
      – Crypto layer encrypts user input
      – Returns it to RDC agent in an HTTP response
      – RDC agent inserts it into value attribute named rdc-…-response
  – Crimeware may swap the message to another name
      – Encrypted message contains a set of (, )
Avoiding Replay Attacks
  – Nonce & timestamp
  – Phone's browser automatically copies this into response message
  – Then web application checks
      – It has not seen the nonce before
      – The response is timely
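
The replay and name-swap checks from slide 16, written out as an added example (not code from the paper or the presentation). The message fields `nonce`, `issuedAt` and `form`, the two-minute window and the form id `onClick-0` are assumptions, and decryption of the response is taken as already done.

```javascript
// Added example: checks a web application could run on a device response
// after decrypting it. Message field names and the window are assumptions.
const WINDOW_MS = 2 * 60 * 1000; // assumed freshness window

function createValidator(now = () => Date.now()) {
  const seen = new Map(); // nonce -> issuedAt, for nonces still inside the window

  function prune(t) {
    // A nonce older than the window already fails the timeliness check,
    // so forgetting it does not reopen a replay and keeps the store bounded.
    for (const [nonce, issuedAt] of seen) {
      if (t - issuedAt > WINDOW_MS) seen.delete(nonce);
    }
  }

  // msg: plaintext of the encrypted response (nonce and issuedAt were set by
  // the server and copied back by the phone). postedName: the hidden form
  // field name the PC submitted it under, which crimeware controls.
  return function accept(msg, postedName) {
    const t = now();
    prune(t);
    if (typeof msg.nonce !== 'string' || msg.nonce === '') return 'rejected: no nonce';
    const age = t - msg.issuedAt;
    if (!Number.isFinite(age) || age < 0 || age > WINDOW_MS) return 'rejected: not timely';
    if (seen.has(msg.nonce)) return 'rejected: replay';
    // Trust the form id inside the ciphertext, never the field name alone.
    if (postedName !== `rdc-${msg.form}-response`) return 'rejected: field name mismatch';
    seen.set(msg.nonce, msg.issuedAt);
    return 'accepted';
  };
}

// Constructed sample run with a controllable clock.
function demo() {
  let clock = 1000000;
  const accept = createValidator(() => clock);
  const msg = { nonce: 'n-1', issuedAt: clock, form: 'onClick-0' };
  const out = [];
  clock += 5000;
  out.push(accept(msg, 'rdc-onClick-1-response')); // swapped field name
  out.push(accept(msg, 'rdc-onClick-0-response')); // first genuine submission
  out.push(accept(msg, 'rdc-onClick-0-response')); // PC replays the recording
  clock += WINDOW_MS;                              // much later
  out.push(accept(msg, 'rdc-onClick-0-response'));
  return out;
}
console.log(demo());
```

The nonce store stays small because entries are dropped once their timestamp leaves the window; a real deployment would generate nonces from a CSPRNG and keep the store per session.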

17 Performance Evaluation
Measured the latency between server and device
  – Message is encrypted using AES with 1024-bit key & Base64
  – Message length is 850 bytes
      – Expect that most messages are smaller than this

18 Conclusion
Crimeware is becoming a serious problem
  – The current web security model
      – Protects data as it is transmitted between server & client
      – But doesn't prevent crimeware attacks on the end-point client
Split-trust browsing through mobile composition
  – Allows users to combine their PC with a trusted personal device
  – Security-critical operations are performed on the device

19 Discussion
Mobile application is installed on the untrusted terminal
  – Service providers have to modify their applications
What makes a personal device trusted?
  – The best case is a specifically designed personal device, but..
  – How about PDA & cell phone?
Usability issues
  – Links that cause new content to appear on the device
      – Highlighted background?
  – Stick the personal device on the side of the PC monitor

