東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

The Security Layer.

O'Neill, Mark Thomas.

Linked to FindBook

Google Book

Amazon

博客來

The Security Layer.

Record Type:	Electronic resources : Monograph/item
Title/Author:	The Security Layer./
Author:	O'Neill, Mark Thomas.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2019,
Description:	197 p.
Notes:	Source: Dissertations Abstracts International, Volume: 80-12, Section: B.
Contained By:	Dissertations Abstracts International80-12B.
Subject:	Computer Engineering. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=13427694
ISBN:	9781392195284

The Security Layer.
O'Neill, Mark Thomas.

The Security Layer. - Ann Arbor : ProQuest Dissertations & Theses, 2019 - 197 p.

Source: Dissertations Abstracts International, Volume: 80-12, Section: B.

Thesis (Ph.D.)--Brigham Young University, 2019.

This item must not be sold to any third party vendors.

In this dissertation we argue that the problems described are the result of an improper placement of security responsibilities. We show that by placing TLS services in the operating system, both new and existing applications can be automatically secured, developers can easily use TLS without intimate knowledge of security, and security settings can be controlled by administrators. This is demonstrated through three explorations that provide TLS features through the operating system. First, we describe and assess TrustBase, a service that repairs and strengthens certificate-based authentication for TLS connections. TrustBase uses traffic interception and a policy engine to provide administrators fine-tuned control over the trust decisions made by all applications on their systems. Second, we introduce and evaluate the Secure Socket API (SSA), which provides TLS as an operating system service through the native POSIX socket API. The SSA enables developers to use modern TLS securely, with as little as one line of code, and also allows custom tailoring of security settings by administrators. Finally, we further explore a modern approach to TLS client authentication, leveraging the operating system to provide a generic platform for strong authentication that supports easy deployment of client authentication features and protects user privacy. We conclude with a discussion of the reasons for the success of our efforts, and note avenues for future work that leverage the principles exhibited in this work, both in and beyond TLS.

ISBN: 9781392195284Subjects--Topical Terms:

1567821
Computer Engineering.
Subjects--Index Terms:

Administrator

The Security Layer.
LDR:02721nmm a2200397 4500 001 2267765
005 20200821052158.5
008 220629s2019 ||||||||||||||||| ||eng d
020 $a 9781392195284
035 $a (MiAaPQ)AAI13427694
035 $a (MiAaPQ)byu:10901
035 $a AAI13427694
040 $a MiAaPQ $c MiAaPQ
100 1 $a O'Neill, Mark Thomas. $3 3545026
245 1 4 $a The Security Layer.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2019
300 $a 197 p.
500 $a Source: Dissertations Abstracts International, Volume: 80-12, Section: B.
500 $a Publisher info.: Dissertation/Thesis.
500 $a Advisor: Zappala, Daniel.
502 $a Thesis (Ph.D.)--Brigham Young University, 2019.
506 $a This item must not be sold to any third party vendors.
520 $a In this dissertation we argue that the problems described are the result of an improper placement of security responsibilities. We show that by placing TLS services in the operating system, both new and existing applications can be automatically secured, developers can easily use TLS without intimate knowledge of security, and security settings can be controlled by administrators. This is demonstrated through three explorations that provide TLS features through the operating system. First, we describe and assess TrustBase, a service that repairs and strengthens certificate-based authentication for TLS connections. TrustBase uses traffic interception and a policy engine to provide administrators fine-tuned control over the trust decisions made by all applications on their systems. Second, we introduce and evaluate the Secure Socket API (SSA), which provides TLS as an operating system service through the native POSIX socket API. The SSA enables developers to use modern TLS securely, with as little as one line of code, and also allows custom tailoring of security settings by administrators. Finally, we further explore a modern approach to TLS client authentication, leveraging the operating system to provide a generic platform for strong authentication that supports easy deployment of client authentication features and protects user privacy. We conclude with a discussion of the reasons for the success of our efforts, and note avenues for future work that leverage the principles exhibited in this work, both in and beyond TLS.
590 $a School code: 0022.
650 4 $a Computer Engineering. $3 1567821
650 4 $a Computer science. $3 523869
653 $a Administrator
653 $a Kernel
653 $a Man in the middle
653 $a Operating system
653 $a Security
653 $a Tls
690 $a 0464
690 $a 0984
710 2 $a Brigham Young University. $b Computer Science. $3 1670078
773 0 $t Dissertations Abstracts International $g 80-12B.
790 $a 0022
791 $a Ph.D.
792 $a 2019
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=13427694