|
|
 |
| |
|
|
|
Proxy Server Authentication for Blocking HTTP-Cache- Poisoning Attacks |
|
|
|
PP: 483-492 |
|
|
|
Author(s) |
|
|
|
Wookey Lee,
Simon S. H. Park,
Chasung Lim,
Jinho Kim,
Sangwon Kang,
|
|
|
|
Abstract |
|
|
| E-commerce systems have usually been processed by credit cards and public certificate via web sites where the client passes
through web proxy server or the route of proxy server. In these systems, private information such as credit card numbers and passwords
need to be protected by SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption. But private information is still
vulnerable to sniffing attacks through changing certificates of proxy servers, which is called the attacking of SSL-in-the-middle proxy.
This paper analyzes credit card security systems which are defenseless against the hacking of false proxy server. It also proposes an
effective method for protecting against the attacks of authentication proxy server Man-In-The Middle. |
|
|
|
|
|
|
|
