Journal ArticleDOI
Surf'N'Sign: client signatures on Web documents
Amir Herzberg,D. Naor +1 more
Reads0
Chats0
TLDR
The architecture and implementation of the solution, called Surf'N'Sign, is outlined in detail and it provides a signing mechanism at the client, as well as the capability to archive and preview the signed documents.Abstract:
The emergence of World Wide Web-based systems and Web transactions has led to the need to find a mechanism that provides electronic signature capabilities as a replacement for written signatures. Such a mechanism should guarantee authentication and nonrepudiation. Many Web applications could benefit greatly from such a mechanism, e.g., banking systems, tax filing, reservation systems, and corporate procedures. This paper discusses the various approaches that could be taken to provide such a mechanism and suggests a solution that provides client commitment on Web documents by means of digital signatures. The architecture and implementation of the solution, called Surf'N'Sign, is outlined in detail. Our design of the solution gives special consideration to the semantics of such a signature and to its proper and secure use on the Web. Its prototype was implemented at the IBM Haifa Research Laboratory as a plug-in to the Netscape Navigator browser and is integrated naturally into the browsing process. It provides a signing mechanism at the client, as well as the capability to archive and preview the signed documents. Surf'N'sign lends itself to easy integration with existing applications on the Web.read more
Citations
More filters
Patent
System and method for regulating the transmission of media data
TL;DR: In this article, a system and method regulate the transmission of media data is proposed, in which a header portion of a media file is encoded to include an access code corresponding to one or more permitted methods by which the media file may be transmitted over a network.
Journal ArticleDOI
Payments and banking with mobile personal devices
TL;DR: Mobile devices enable secure, convenient authorization of e-banking, retail payment, brokerage, and other types of transactions.
Posted Content
Security and Identification Indicators for Browsers against Spoofing and Phishing Attacks.
Amir Herzberg,Ahmad Jbara +1 more
TL;DR: TrustBar as mentioned in this paper is a browser extension for improved secure identification indicators, which can assign a name/logo to a secure site, presented by TrustBar when the browser presents that secure site; otherwise, TrustBar presents the certified site's owner name, and the name of the Certificate Authority (CA) who identified the owner.
TrustBar: Protecting (even Naïve) Web Users from Spoofing and Phishing Attacks
Amir Herzberg,Ahmad Gbara +1 more
TL;DR: TrustBar, a secure user interface add-on to browsers that identifies the site and the certificate authority, using logos or at least names (rather than URL) for protected web pages, and for unprotected pages, TrustBar displays highly visible warnings.
Journal ArticleDOI
Security and identification indicators for browsers against spoofing and phishing attacks
Amir Herzberg,Ahmad Jbara +1 more
TL;DR: TrustBar as discussed by the authors is a browser extension that allows users to assign a name or logo to identify SSL/TLS-protected sites, which can be used to identify protected sites by the name of the site, and by the certificate authority who identified the site.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Book
Programming Netscape Plug-Ins
TL;DR: The Netscape plug-in architecture real-time data streams and current bandwidth considerations server plush and client pull fetching URLs plug- in design and implementation real- time and bandwidth considerations choosing your platform, 16 vs. 32 bit installation considerations and more.