liu.seSearch for publications in DiVA
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Characterizing the HTTPS Trust Landscape: A Passive View from the Edge
Linköpings universitet, Tekniska fakulteten.
SAP, Germany.
University of Calgary, Canada.
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska fakulteten.
2017 (engelsk)Inngår i: IEEE Communications Magazine, ISSN 0163-6804, E-ISSN 1558-1896, Vol. 55, nr 7, s. 36-42Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Our society increasingly relies on web-based services like online banking, shopping, and socializing. Many of these services heavily depend on secure end-to-end transactions to transfer personal, financial, and other sensitive information. At the core of ensuring secure transactions are the HTTPS protocol and the trust relationships between many involved parties, including users, browsers, servers, domain owners, and the third-party CAs that issue certificates binding ownership of public keys with servers and domains. This article presents an overview of the current trust landscape and provides statistics to illustrate and quantify some of the risks facing typical users. Using measurement results obtained through passive monitoring of the HTTPS traffic between a campus network and the Internet, we provide concrete examples and characterize the certificate usage and trust relationships in this complex landscape. By comparing our observations against known vulnerabilities and problems, we highlight and discuss the actual security that typical Internet users (e.g., the people on campus) experience. Our measurements cover both mobile and stationary users, consider the involved trust relationships, and provide insights into how the HTTPS protocol is used and the weaknesses observed in practice. While the security properties vary significantly between sessions, out of the 232 million HTTPS sessions we observed, more than 25 percent had weak security properties.

sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers (IEEE), 2017. Vol. 55, nr 7, s. 36-42
HSV kategori
Identifikatorer
URN: urn:nbn:se:liu:diva-139568DOI: 10.1109/MCOM.2017.1600981ISI: 000405724800006OAI: oai:DiVA.org:liu-139568DiVA, id: diva2:1130080
Tilgjengelig fra: 2017-08-08 Laget: 2017-08-08 Sist oppdatert: 2018-03-27bibliografisk kontrollert

Open Access i DiVA

fulltext(346 kB)121 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 346 kBChecksum SHA-512
514a49d38f082a7b6030b7589d8e645e470e41c449a6442cda71e437e1266d5a022a2f5109e7b729d3d1a23f445e2501bfc027af6b5c4d6856de258bb05198fe
Type fulltextMimetype application/pdf

Andre lenker

Forlagets fulltekst

Søk i DiVA

Av forfatter/redaktør
Carlsson, Niklas
Av organisasjonen
I samme tidsskrift
IEEE Communications Magazine

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 121 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

doi
urn-nbn

Altmetric

doi
urn-nbn
Totalt: 314 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf