This is a paper that I have written together with Sebastian Gajek, Ahmad-Reza Sadeghi, and Christian Stüble. I have presented the paper at the 1st Benelux Workshop on Information and System Security (
WISSec 2006) in Antwerpen, Belgium, last month. The paper aims at making the first steps towards the design and implementation of an open source and interoperable security architecture that prevents both classical phishing (e.g., e-mails luring unaware users to faked web sites) and the new emerging malware phishing, i.e., malicious software specifically tailored to certain services.
Our approach is based on the ideas of multicolored computing (e.g., red for the risky and green for the trusted domain), and a trusted wallet for storing credentials and authenticating sensitive services. Our solution requires no special care from users for identifying the right web sites while the disclosure of credentials is strictly controlled. In the paper we present the main idea of how to integrate countermeasures against phishing and malware into one sound security architecture. We also briefly sketch how to implement this architecture based on the
PERSEUS security framework, which utilizes Trusted Computing functionality and virtualization. The former is used to preserve system integrity, and the latter provides compartment isolation and software re-use.
To establish a trusted path to the trusted wallet we make use of the Secure GUI subsystem that is developed by the
EMSCB project for the PERSEUS system. the Secure GUI subsystem provides to each compartment an isolated graphics framebuffer, which are then multiplexed or switched to on the screen. To enable the user to authenticate the currently displayed compartment, the Secure GUI has a reserved area on the screen to which no compartment has access. The Secure GUI displays the compartment identifier and the color indicating a trusted (green) or untrusted (red) compartment there.
You can
download the paper as PDF.
