Enhancing browser security by evaluation from public domain databases and business registries

Casper Skovmand Agesen

AbstractThe goal of the thesis is to provide a design for a browser plugin that can support the identification of Danish companies behind Danish websites and thus cement their validity and integrity by lookups in public databases and cross checking the data. This is needed because internet identities and their encryption methods are bought from companies that have to make a revenue and are not provided by the physical institutions that issue identities to its citizens. Therefore, money is a major instigator when it comes to digital trust schemes.
To help users see through phishing fraud is a major instigator for attempting to design such a plugin and there is a heavy emphasis on user studies with more or less successful attempts in trying to make them change default behaviour. The articles used are from 2004 an onwards and while technology has advanced, the basic issues of having to do with unaware users appear to stay the same. Alternative means of getting users to adapt security initiatives is therefore explored and elaborated.
There are also recent alternatives to current hierarchal certificate trust structure and it will solve distinct problems. In particular with having many independent top-level entities and their own chains of trust, in which they are allowed to trust themselves when nobody really should do that. It is also very easy to implement strictly on server side and is already live across many systems being used daily and will prevent pre-installed trust distribution with web browsers, however an actual break with the old methods have yet to come.
TypeMaster's thesis [Academic thesis]
Year2014
PublisherTechnical University of Denmark, Department of Applied Mathematics and Computer Science
AddressRichard Petersens Plads, Building 324, DK-2800 Kgs. Lyngby, Denmark, compute@compute.dtu.dk
SeriesDTU Compute M.Sc.-2014
NoteDTU supervisor: Christian D. Jensen, cdje@dtu.dk, DTU Compute
Electronic version(s)[pdf]
Publication linkhttp://www.compute.dtu.dk/english
BibTeX data [bibtex]
IMM Group(s)Computer Science & Engineering