Trusted path

From Wikipedia, the free encyclopedia

Computer security Portal
This article does not cite any references or sources. (July 2007)
Please help improve this article by adding citations to reliable sources. Unverifiable material may be challenged and removed.

A trusted path is simply some mechanism that provides confidence that the user is communicating with what the user intended to communicate with, ensuring that attackers can't intercept or modify whatever information is being communicated.

As such it is the counterpart to needing trustworthy channels in that it assures users that they really are working with the program or system they intended to use.

The traditional example is a 'fake login' program (e.g.: a program is written to look like the login screen of a system, as in [Login spoofing]). When users try to log in, the fake login program can then capture user passwords for later use.

For the Windows operating system a trusted path is supported by the hardware when the user presses Ctrl+Alt+Del prior to logging in. The function of the Ctrl+Alt+Del keystroke is to cause the system to interrupt any program that may be impersonationg the login dialog and hence provides a trusted path to the Windows OS login.

This article relating to communication is a stub. You can help Wikipedia by expanding it.