Requirements and Design Guidelines for a Trusted Hypervisor Interface

Hypervisor technology in combination with tamper-resistant hardware such as Trusted Platform Modules has the potential to provide a significant new level of security for computers. These new systems will be able to protect legacy applications from hostile applications such as malware, and they will enable the creation of new secure applications. This paper analyses the requirements for the graphical user interface (GUI) of such a system. First, application scenarios are presented to illustrate how extended Trusted Computing (TC) systems might be used in the future. Requirements for a trusted GUI are then derived from the analysis of articles on TC found in the media and from a survey of experts in information technology. These requirements are compared to existing proposals, showing how some of them are either inconvenient or insecure in the hands of end users. Based on this analysis, proposals are derived for the design of a trusted GUI suitable for laypersons and administrators, which uses familiar patterns, and yet protects against visual mimicry attacks. These proposals pave the way for a security-enhanced GUI for hypervisors.