When a display is shared among a plurality of applications, one application may pretend to be another in order to make the user reveal confidential information, such as a personal identification number (PIN) or security code. This approach of an attacker is known as phishing. A forgery-proof or non-forgeable identity indicator can mitigate or solve this problem by showing users at all times which application they are actually viewing on the screen. The user may then decide whether this application is trustworthy or not.
For a forgery-proof identity indicator to fulfil its function, the respective computer system or a trustworthy component thereof has to be able to determine the identity of an application and to name it for the user. Furthermore, the application itself must not be able to influence the indicator.
Commercially available operating systems such as Windows 7, or window managers based on Xorg, have no way to determine the identity of an application. In these systems, every indicator of an application's identity (e.g. window header or taskbar entry) is filled with content by the respective application itself and is thus easily forged by a malicious application.
This problem of “not trustworthy” applications is not adequately addressed in current operating systems. The following literature describes this problem and also the concept of non-forgeable identity indicators:

Jonathan S. Shapiro, John Vanderburgh, Eric Northup, and David Chizmadia. Design of the EROS trusted window system. In USENIX Security Symposium, pages 165-178, 2004 (https://www.usenix.org/legacy/event/sec04/tech/full_papers/shapiro/shapiro.pdf).

N. Feske and C. Helmuth. A Nitpicker's guide to a minimal-complexity secure GUI. In Proceedings of the 21st Annual Computer Security Applications Conference, pages 85-94, 2005 (http://www.acsac.org/2005/papers/54.pdf).