S.W. Smith.
WebALPS: Using Trusted Co-Servers to Enhance Privacy and Security of Web Interactions
Research Report RC21851, IBM T.J. Watson Research Center.
October 2000.


This report describes a project that aims to fill two gaps in recent security and privacy research. The first gap is trust. Too often, "security of Web transactions" reduces to "encryption of the channel"---and neglects to address what happens at the server on the other end. This oversight forces clients to trust the good intentions and competence of the server operator---but gives clients no basis for that trust. The second gap is secure coprocessing. Despite early academic research in the potential of this technology, and the subsequent industrial research that resulted in high-assurance, programmable secure coprocessors as COTS products, many in the computer science community still regard "secure hardware" as a synonym for "cryptographic accelerator." This oversight neglects the real potential of COTS secure coprocessing technology to establish trusted islands of computation in hostile environments (e.g., at servers with risk of insider attack).

The WebALPS project proposes to address both issues by using secure coprocessors to establish trusted third parties at Web servers. Having clients establish an SSL session into an application running inside the secure hardware at the Web server (instead of just using secure hardware to speed cryptography) provides a systematic way to enhance the security of a broad family of Web-based services---including security against insider attack---without requiring a substantial change to the currently deployed Web infrastructure.



