User requirements-aware security ranking in SSL protocol
نویسندگان
چکیده
منابع مشابه
SSL/TLS session-aware user authentication revisited
Man-in-the-middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications, and there are only a few technologies available to mitigate the risks. In [OHB05], we introduced the notion of SSL/TLS session-aware user authentication to protect SSL/TLSbased e-commerce applications against MITM attacks, and we proposed an implementation based on impersonal authentication tokens. ...
متن کاملEnd-User Requirements for Wisdom-Aware EUD
This paper presents requirements elicitation study for a EUD tool for composing service-based applications. WIRE aims at enabling EUD by harvesting and recommending community composition knowledge (the wisdom), thus facilitating knowledge transfer from developers to end-users. The idea was evaluated with 10 contextual interviews to accountants, eliciting a rich set of information, which can lea...
متن کاملSecurity-Aware Adaptive Dynamic Source Routing Protocol
We present SADSR (Security-Aware Adaptive DSR), a secure routing protocol for mobile ad hoc networks. SADSR authenticates the routing protocol messages using digital signatures based on asymmetric cryptography. The basic idea behind SADSR is to have multiple routes to each destination and store a local trust value for each node in the network. A trust value is assigned to each path based on tru...
متن کاملSSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle
Man-in-the-middle attacks pose a serious threat to SSL/TLSbased electronic commerce applications, such as Internet banking. In this paper, we argue that most deployed user authentication mechanisms fail to provide protection against this type of attack, even when they run on top of SSL/TLS. As a possible countermeasure, we introduce the notion of SSL/TLS session-aware user authentication, and p...
متن کاملAnalysis of the SSL protocol
The SSL protocol is intended to provide a prac tical application layer widely applicable connection oriented mechanism for Internet client server com munications security This note gives a detailed tech nical analysis of the cryptographic strength of the SSL protocol A number of minor aws in the protocol and several new active attacks on SSL are presented however these can be easily corrected w...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: The Journal of Supercomputing
سال: 2011
ISSN: 0920-8542,1573-0484
DOI: 10.1007/s11227-010-0546-4