Web Authentication based on a Community of Trust and on a User-centred Approach

By Karima Boudaoud and Nicolas Nobelis (I3S-CNRS Laboratory / University of Nice Sophia Antipolis)

Introduction

With the increasing growth of e-commerce and its importance to the global economy, the security of e-commerce systems, and particularly of Web sites, is becoming more and more important. Many mechanisms have been proposed to ensure the confidentiality and integrity of transactions. But even though some of these solutions have been deployed, the security of e-commerce Web sites is still fragile. E-commerce Web sites are still vulnerable to many kinds of attacks, and those attacks are evolving continuously. For example, several high-profile Web sites such as Yahoo, Amazon, eBay and financial institutions have been the subject of spectacular attacks, such as denial-of-service and phishing attacks, that have caused significant damage and the loss of a lot of money.

The aim of this paper is to propose a user-centred approach to improve security against the new generation of Web spoofing attacks.

Strategies against Web spoofing attacks

To manage Web spoofing attacks, several security solutions, based on proactive and reactive approaches, are proposed.

To be more effective against Web spoofing attacks, the best strategy is a collaborative approach between solutions deployed on the server side, on the client side (particularly in browsers), and at ISPs.

Better trust relationships between users, browsers and Web sites

The success of recent phishing attacks has revealed the weakness of the authentication mechanisms used by e-commerce Web sites. If we take the example of the phishing attacks launched against financial institutions, their success is due to the fact that users believed the emails they received and the Web sites to which they connected. Thus, the first defense strategy against this kind of attack is to help users be sure of the identity of the Web site to which they connect.

Certificate-based authentication seems to be a strong way to ensure a trusted relationship between Web sites and users. However:

One possible naive solution would be for the W3C to:

However, this solution seems unlikely to be accepted by big certification authorities such as Verisign.

Thus, the questions are

Nowadays, browsers are able to help users identify suspicious Web sites, based mainly on the sites' certificates. However, this is not sufficient. What is required is a solution that ensures explicit collaboration between browsers and users in the validation process of Web sites. Therefore, in our opinion, we need to move towards more user-centred approaches that strike a balance between user beliefs, browser trust metrics and security constraints.

If we consider that browsers use a kind of trust engine that uses trust metrics and blacklists to validate Web sites, it will be important to integrate the user in the decision process by offering the opportunity to establish:

So, a possible solution will be to offer the user an infrastructure that permits him to indicate the Web sites which he trusts.

Let us consider:

When the user tries to connect to a Web site, the trust engine will use, in addition to its own trust metrics, this UserTrustedList to validate the site:

Even if this approach is at its first stage, it seems to us very promising for improving the trust relationship between users and Web sites.
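
One way a trust engine could combine a blacklist, its own trust metric and the UserTrustedList described above, as an added example that is not part of the original paper. The verdict names, the decision order, the threshold and the idea of recording a certificate fingerprint with each UserTrustedList entry are assumptions made for illustration.

```javascript
// Added example: a minimal trust-engine decision function (hypothetical design).
// Assumptions: verdict names, decision order, threshold, and that each
// UserTrustedList entry records the certificate fingerprint seen when trusted.

function normalizeHost(rawUrl) {
  let u;
  try { u = new URL(rawUrl); } catch (e) { return null; }
  if (u.protocol !== "https:") return null;   // no certificate to check
  return u.hostname.replace(/\.$/, "");       // URL already lowercases the host
}

function evaluateSite(rawUrl, certFingerprint, engine) {
  const host = normalizeHost(rawUrl);
  if (host === null) return { verdict: "warn", reason: "not a valid https URL" };

  // 1. The browser blacklist wins, even over the user's own list.
  if (engine.blacklist.has(host)) return { verdict: "block", reason: "blacklisted" };

  // 2. UserTrustedList: exact host match only, so look-alike names
  //    never inherit the trust given to the real site.
  const pinned = engine.userTrustedList.get(host);
  if (pinned !== undefined) {
    return pinned === certFingerprint
      ? { verdict: "trusted", reason: "in UserTrustedList" }
      : { verdict: "warn", reason: "certificate differs from the one the user trusted" };
  }

  // 3. Otherwise fall back to the engine's own metric; low-scoring
  //    unknown sites are put to the user, who may add them to the list.
  const score = engine.metric(host);
  return score >= engine.threshold
    ? { verdict: "trusted", reason: "trust metric" }
    : { verdict: "ask-user", reason: "unknown site, low score" };
}

// Constructed sample data (hosts and fingerprints are placeholders).
const engine = {
  blacklist: new Set(["phish.example"]),
  userTrustedList: new Map([["bank.example", "fp-AAAA"]]),
  metric: (host) => (host === "shop.example" ? 0.9 : 0.2),
  threshold: 0.7,
};
```

With this data, a look-alike host such as `bank-example.example` is not matched by the user's entry for `bank.example` and is returned as `ask-user` instead of being silently trusted.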

Recommendations for an efficient defense strategy against Web spoofing attacks

In our opinion, to efficiently manage the security of the Web against Web spoofing attacks, we must: