Skip to Main Content
This paper describes the design of a security system for protection of HTML documents and forms, based on the use of certificates, smart cards, and cryptographic encapsulation. Our system provides strong authentication of users based on smart cards and peer-to-peer authentication of users and Web servers based on the challenge/response protocol. Strong protection of Web documents and non-repudiation of Web transactions are provided by using digital certificates and digital envelopes. All security services are applied in both directions: from Web servers to browsers, and also from browsers to Web servers.