Please use this identifier to cite or link to this item:
https://hdl.handle.net/20.500.11851/834
Title: | Server Notaries: a Complementary Approach To the Web Pki Trust Model | Authors: | Yüce, Emre Selçuk, Ali Aydın |
Keywords: | X.509 certificates Cryptography Internet |
Publisher: | Institution of Engineering and Technology | Source: | Yüce, E., & Selçuk, A. A. (2018). Server notaries: a complementary approach to the web PKI trust model. IET Information Security, 12(5), 455-461. | Abstract: | Secure socket layer/transport layer security (TLS) is the de facto protocol for providing secure communications over the Internet. It relies on the web PKI model for authentication and secure key exchange. Despite its relatively successful past, the number of web PKI incidents observed have increased recently. These incidents revealed the risks of forged certificates issued by certificate authorities without the consent of the domain owners. Several solutions have been proposed to solve this problem but no solution has yet received widespread adoption due to complexity and deployability issues. In this study, the authors propose an effective solution for this problem that allows a TLS server to detect a certificate substitution attack against its domain across the Internet. The proposed solution is practical and allows a smooth and gradual transition. They also give a triangulation algorithm enabling the server to find out the origin of the attack. They conducted simulation experiments using real-world BGP data and showed that their proposal can be effective for detecting and locating attacks using relatively few vantage points over the Internet. | URI: | https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8436509 https://hdl.handle.net/20.500.11851/834 |
ISSN: | 1751-8709 |
Appears in Collections: | Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection |
Show full item record
CORE Recommender
SCOPUSTM
Citations
1
checked on Dec 21, 2024
Page view(s)
94
checked on Dec 16, 2024
Google ScholarTM
Check
Altmetric
Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.