[转载]Current Anti-Phishing Solutions and Yahoo's Sign-in Seal
文章作者:Naveen Agarwal, Scott Renfro, and Arturo Bejar原始出处:[url]http://seclab.cs.rice.edu/w2sp/2007/[/url]
本文章是Web 2.0 Security & Privacy 2007大会议题。
[b]Abstract[/b]
We examine Yahoo!’s Sign-in Seal and some of the considerations that affected the design. Unlike solutions like SiteKey which are tied to a user’s account, Yahoo!’s sign-in Seal is tied to a browser. We have found “Rusty’s Axioms” to be useful for analyzing the security of both anti-phishing solutions and also other user interaction with our site.
页:
[1]