Security of certificate-based protocols: focus on server authentication

Download
2015
Baran, Selim
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions for these vulnerabilities and at the end, we will focus on SSL authentication piece and the popular solutions for improving SSL server authentication, such as Certificate Pinning, Convergence and Certificate Transparency which are all in the active research area to define the future of SSL and TLS protocols.

Suggestions

Analysis of recent attacks on SSL/TLS protocols
Özden, Duygu; Cenk, Murat; Department of Cryptography (2016)
Transport Layer Security(TLS) and its predecessor Secure Socket Layer(SSL) are two important cryptographic, certificate based protocols that satisfy secure communication in a network channel. They are widely used in many areas such as online banking systems, online shopping, e-mailing, military systems or governmental systems. Being at the center of secure communication makes SSL and TLS become the target of attackers and an important field of study for researchers. So many vulnerabilities and attacks towar...
Privacy preserving database external layer construction algorithm via secure decomposition for attribute-based security policies
Turan, Uğur; Toroslu, İsmail Hakkı; Kantarcıoğlu, Murat; Department of Computer Engineering (2018)
Relational DBMS’scontinue to dominate th emarket an dinference problem on external schema has preserved its importance in terms of data privacy. Especially for the last 10 years, external schema construction for application-specific database usage has increased its independency from the conceptual schema, as the definitions and implementations of views and procedures have been optimized. After defining all mathematical background, this work offers an optimized decomposition strategy for the external schema, wh...
Three layer mathematical modelling of an elastic artery without and with aneurysm to predict the behavior
Jodati, Hossein; Aşık, Mehmet Zülfü; Geyik, Serdar; Department of Biomedical Engineering (2015)
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions fo...
Architectural design of an access control system for enterprise networks
Kirimer, Burak; Özgit, Attila (2007-11-09)
Client computers in enterprise networks have the potential to be the source of serious security problems, especially when their hardware and software components are out of physical administrative control. Besides, services in the network may have client configuration requirements. We propose a system composed of a policy management and enforcement server and client agents, which authenticates the client users and checks their computer configurations before allowing their access to services. The information ...
A Decision Support System for Optimal Selection of Enterprise Information Security Preventative Actions
Sonmez, Ferda Ozdemir; Günel Kılıç, Banu (2021-09-01)
Types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to the enterprises. One of the key challenges is to identify the optimal set of precautions with limited budget. Despite the fact that majority of enterprises have a budget constraint for installing and maintaining the protection systems, the majority of the previous work only focus on prioritization of security targets and do not consider the preventative actions and budget constraints. ...
Citation Formats
S. Baran, “Security of certificate-based protocols: focus on server authentication,” M.S. - Master of Science, Middle East Technical University, 2015.