SSL/TLS session-aware user authentication against man-in-the-middle attacks
Rolf Oppliger,
eSECURITY Technologies Rolf Oppliger –
Abstract:
In spite of the fact that SSL/TLS is omnipresent in todays Internet commerce, it is highly vulnerable to man-in-the-middle (MITM) attacks. In this talk, we explain why this is the case and what possibilities one has at hand to protect SSL/TLS-secured Internet commerce against MITM attacks. In particular, we introduce, discuss, and put into perspective a technology called SSL/TLS session-aware (TLS-SA) user authentication that basically links a user authentication to a particular SSL/TLS session to reveal the existence of an MITM. The technology does not protect against malware taking control after user authentication (a so-called man-in-the-browser attack). So TLS-SA does not stop the general trend towards transaction authentication in addition to user authentication for applications with high security requirements, such as Internet banking.
Date: 2013-Apr-10 Time: 11:00:00 Room: 020
For more information:
Upcoming Events
INESC Brussels HUB Winter Meeting 2023
This edition of the HUB Winter Meeting will be co-organised with Science Business and will take place on the 30 and 31 January, in Lisbon, at Instituto Superior Técnico, Department of Computer Science and Engineering.
Please see below a summary of the agenda, this will be updated on the INESC Brussels HUB website regularly (confirmed speakers and other relevant info). Places for onsite participation are limited so registration is mandatory. Online participants will be sent a ZOOM link for each specific session on the 27th January.
INESC Brussels HUB website: https://hub.inesc.pt/
Monday, 30 January
a) Digital Europe Programme & Chips Act: state of play and possibilities for INESC.
9h to 10h30 GMT
(Exclusive for INESC researchers and administrators).
b) Science Business: how can INESC tap into Science Business network, activities and communications tools.
(Exclusive for INESC researchers and administrators).
c) Networking Lunch (for all onsite participants).
d) Roundtable: From rhetoric to reality – Embedding international strategy in the DNA of research organisations.
(Closed-door, roundtable workshop, Chatham House rules, open to INESC researchers and administrators, external participants by invitation only).
e) Networking Dinner
(By invitation only – INESC researchers participating onsite in the event are elegible to join).
Tuesday, 31 January
f) Workshop: How they did it? Strategic positioning for structural success in Horizon Europe: a discussion of best practices.
(Exclusive for INESC researchers, administrators and international invited speakers).
g) The public consultation on European R&I Programmes: Towards FP10.
(Closed-door, roundtable workshop, Chatham House rules, open to INESC researchers and administrators, external participants by invitation only).
h) Networking Lunch (for all onsite participants).
i) Management Committee meeting (Directors and POB members)
The HUB Winter Meeting aims at bringing together researchers and administrators from the 5 INESC institutes, affiliated higher education institutions in Portugal and abroad, with key European and global players, to:
– Discuss key research and innovation issues at EU level.
– Inform institutional policy and strategy.
– Exchange best-practices about R&I management, career development and policy positioning.
– Promote, discuss and deliver vision, visibility, networking and impactful communication.
– Create, identify and deepen partnerships and collaboration opportunities for collaborative R&I.