CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
User Interaction Design for Secure Systems
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Extended Password Key Exchange Protocols Immune to Dictionary Attacks
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Web wallet: preventing phishing attacks by revealing user intentions
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Sessionlock: securing web sessions against eavesdropping
Proceedings of the 17th international conference on World Wide Web
Forcehttps: protecting high-security web sites from network attacks
Proceedings of the 17th international conference on World Wide Web
Robust defenses for cross-site request forgery
Proceedings of the 15th ACM conference on Computer and communications security
Blueprint: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
A zero knowledge password proof mutual authentication technique against real-time phishing attacks
ICISS'07 Proceedings of the 3rd international conference on Information systems security
ICICS'07 Proceedings of the 9th international conference on Information and communications security
SessionShield: lightweight protection against session hijacking
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Reliable protection against session fixation attacks
Proceedings of the 2011 ACM Symposium on Applied Computing
App isolation: get the security of multiple browsers with just one
Proceedings of the 18th ACM conference on Computer and communications security
SessionSafe: implementing XSS immune session handling
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
GlassTube: a lightweight approach to web application integrity
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Hi-index | 0.00 |
This paper presents "BetterAuth", an authentication protocol for Web applications. Its design is based on the experiences of two decades with the Web. BetterAuth addresses existing attacks on Web authentication, ranging from network attacks to Cross-site Request Forgery up to Phishing. Furthermore, the protocol can be realized completely in standard JavaScript. This allows Web applications an early adoption, even in a situation with limited browser support.