TLS with trustworthy certificate authorities

机译：具有可信赖证书颁发机构的TLS

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Cloud platforms can leverage Trusted Platform Modules to help provide assurance to clients that cloud-based Web services are trustworthy and behave as expected. We discuss a variety of approaches to providing this assurance, and we implement one approach based on the concept of a trustworthy certificate authority. TaoCA, our prototype implementation, links cryptographic attestations from a cloud platform, including a Trusted Platform Module, with existing TLS-based authentication mechanisms. TaoCA is designed to enable certificate authorities, browser vendors, system administrators, and end users to define and enforce a range of trust policies for web services. Evaluation of the prototype implementation demonstrates the feasibility of the design, illustrates performance tradeoffs, and serves as an end-to-end, proof-of-concept evaluation of underlying trustworthy computing abstractions. The proposed approach can be deployed incrementally and provides new benefits while retaining compatibility with the existing public key infrastructure used for TLS.

机译：云平台可以利用受信任的平台模块来帮助向客户保证基于云的Web服务是可信赖的，并且行为符合预期。我们讨论了提供此保证的多种方法，并基于可信任证书颁发机构的概念实施了一种方法。 TaoCA（我们的原型实现）将来自云平台（包括受信任的平台模块）的加密证明与现有的基于TLS的身份验证机制链接在一起。 TaoCA旨在使证书颁发机构，浏览器供应商，系统管理员和最终用户能够定义和实施一系列针对Web服务的信任策略。对原型实现的评估证明了设计的可行性，说明了性能折衷，并充当了对基础可信赖计算抽象的端到端，概念验证评估。所提出的方法可以逐步部署并提供新的好处，同时保持与用于TLS的现有公钥基础结构的兼容性。

著录项

来源
《IEEE Conference on Communications and Network Security》|2016年|516-524|共9页
会议地点
作者
Kevin Walsh;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Web services; Browsers; Servers; Hardware; Cryptography;

机译：Web服务;浏览器;服务器;硬件;密码学;

相似文献

外文文献
中文文献
专利

1. Trust assessment of X.509 certificate based on certificate authority trustworthiness and its certificate policy [J] . Zakia El Uahhabi, Hanan El Bakkali International Journal of Internet Technology and Secured Transactions . 2018,第1期

机译：基于证书颁发机构可信度及其证书策略的X.509证书的信任评估
2. EXPLORATION STUDY OF CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT DESIGN FOR CERTIFICATION AUTHORITIES IN INDONESIA [J] . YOVA RULDEVIYANI, ARFIVE GANDHI, YUDHO GIRI SUCAHYO Journal of Theoretical and Applied Information Technology . 2018,第16期

机译：印度尼西亚认证机构的证书政策和认证实践声明设计的探索研究
3. EXPLORATION STUDY OF CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT DESIGN FOR CERTIFICATION AUTHORITIES IN INDONESIA [J] . YOVA RULDEVIYANI, ARFIVE GANDHI, YUDHO GIRI SUCAHYO Journal of Theoretical and Applied Information Technology . 2018,第16期

机译：印度尼西亚认证机构的证书政策和认证实践声明设计的探索研究
4. TLS with trustworthy certificate authorities [C] . Kevin Walsh IEEE Conference on Communications and Network Security . 2016

机译：与值得信赖的证书当局的TLS
5. A study of security threat modeling and its use in evaluation of the certificate authority client certificate authority system. [D] . Tai, Wai Yan Elsa. 2007

机译：安全威胁建模及其在证书颁发机构客户证书颁发机构系统评估中的应用的研究。
6. Certification information on trustworthy digital repository websites: A content analysis [O] . Devan Ray Donaldson 2020

机译：值得信赖的数字存储库网站的认证信息：内容分析
7. Detection of Rogue Certificates from Trusted Certificate Authorities Using Deep Neural Networks [O] . Zheng Dong, Kevin Kane, L. Jean Camp 2016

机译：使用深神经网络检测可信证书机构的流氓证书

TLS with trustworthy certificate authorities

摘要

著录项

相似文献

相关主题

期刊订阅