Trusted path


A trusted path or trusted channel is a mechanism that provides confidence that the user is communicating with what the user intended to communicate with, ensuring that attackers can't intercept or modify whatever information is being communicated.
The term was initially introduced by Orange Book. As its security architecture concept, it can be implemented with any technical safeguards suitable for particular environment and risk profile.

Examples

Electronic signature

In Common Criteria and European Union electronic signature standards trusted path and trusted channel describe techniques that prevent interception or tampering with sensitive data as it passes through various system components:
  • trusted path — protects data from the user and a security component,
  • trusted channel — protects data between security component and other information resources.

    User login

One of popular techniques for password stealing in Microsoft Windows was login spoofing, which was based on programs that simulated operating system's login prompt. When users try to log in, the fake login program can then capture user passwords for later use. As a safeguard Windows NT introduced Ctrl-Alt-Del sequence as secure attention key to escape any third party programs and invoke system login prompt.
A similar problem arises in case of websites requiring authentication, where the user is expected to enter their credentials without actually knowing if the website is not spoofed. HTTPS mitigates this attack by first authenticating the server to the user, and only then displaying the login form.