lunedì 29 marzo 2010

Attacchi a SSL (Man-In-The-Middle)

Articolo di 4 pagine, molto semplice, accessibile dal portale IEEExplore (ieeexplore.ieee.org, solo dalla rete di ateneo) che descrive un modo semplice per attaccare HTTPS/SSL (protocollo per collegarsi con banche e simili)


Man-in-the-Middle Attack to the HTTPS Protocol
Callegati, F. Cerroni, W. Ramilli, M.
Univ. of Bologna, Bologna;
This paper appears in: Security & Privacy, IEEE
Publication Date: Jan.-Feb. 2009
Volume: 7, Issue: 1
On page(s): 78-81
ISSN: 1540-7993
INSPEC Accession Number: 10460191
Digital Object Identifier: 10.1109/MSP.2009.12
Current Version Published: 2009-02-03
Abstract
Web-based applications rely on the HTTPS protocol to guarantee privacy and security in transactions ranging from home banking, e-commerce, and e-procurement to those that deal with sensitive data such as career and identity information. Users trust this protocol to prevent unauthorized viewing of their personal, financial, and confidential information over the Web.
Posta un commento