國立虎尾科技大學 |

The Security Layer.

Record Type:	Language materials, printed : Monograph/item
Title/Author:	The Security Layer./
Author:	O'Neill, Mark Thomas.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2019,
Description:	197 p.
Notes:	Source: Dissertations Abstracts International, Volume: 80-12, Section: B.
Contained By:	Dissertations Abstracts International80-12B.
Subject:	Computer Engineering. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=13427694
ISBN:	9781392195284

The Security Layer.
O'Neill, Mark Thomas.

The Security Layer. - Ann Arbor : ProQuest Dissertations & Theses, 2019 - 197 p.

Source: Dissertations Abstracts International, Volume: 80-12, Section: B.

Thesis (Ph.D.)--Brigham Young University, 2019.

This item must not be sold to any third party vendors.

In this dissertation we argue that the problems described are the result of an improper placement of security responsibilities. We show that by placing TLS services in the operating system, both new and existing applications can be automatically secured, developers can easily use TLS without intimate knowledge of security, and security settings can be controlled by administrators. This is demonstrated through three explorations that provide TLS features through the operating system. First, we describe and assess TrustBase, a service that repairs and strengthens certificate-based authentication for TLS connections. TrustBase uses traffic interception and a policy engine to provide administrators fine-tuned control over the trust decisions made by all applications on their systems. Second, we introduce and evaluate the Secure Socket API (SSA), which provides TLS as an operating system service through the native POSIX socket API. The SSA enables developers to use modern TLS securely, with as little as one line of code, and also allows custom tailoring of security settings by administrators. Finally, we further explore a modern approach to TLS client authentication, leveraging the operating system to provide a generic platform for strong authentication that supports easy deployment of client authentication features and protects user privacy. We conclude with a discussion of the reasons for the success of our efforts, and note avenues for future work that leverage the principles exhibited in this work, both in and beyond TLS.

ISBN: 9781392195284Subjects--Topical Terms:

796158
Computer Engineering.
Subjects--Index Terms:

Administrator

The Security Layer.
LDR:02721nam a2200397 4500 001 951802
005 20200821052158.5
008 200914s2019 ||||||||||||||||| ||eng d
020 $a 9781392195284
035 $a (MiAaPQ)AAI13427694
035 $a (MiAaPQ)byu:10901
035 $a AAI13427694
040 $a MiAaPQ $c MiAaPQ
100 1 $a O'Neill, Mark Thomas. $3 1241278
245 1 4 $a The Security Layer.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2019
300 $a 197 p.
500 $a Source: Dissertations Abstracts International, Volume: 80-12, Section: B.
500 $a Publisher info.: Dissertation/Thesis.
500 $a Advisor: Zappala, Daniel.
502 $a Thesis (Ph.D.)--Brigham Young University, 2019.
506 $a This item must not be sold to any third party vendors.
520 $a In this dissertation we argue that the problems described are the result of an improper placement of security responsibilities. We show that by placing TLS services in the operating system, both new and existing applications can be automatically secured, developers can easily use TLS without intimate knowledge of security, and security settings can be controlled by administrators. This is demonstrated through three explorations that provide TLS features through the operating system. First, we describe and assess TrustBase, a service that repairs and strengthens certificate-based authentication for TLS connections. TrustBase uses traffic interception and a policy engine to provide administrators fine-tuned control over the trust decisions made by all applications on their systems. Second, we introduce and evaluate the Secure Socket API (SSA), which provides TLS as an operating system service through the native POSIX socket API. The SSA enables developers to use modern TLS securely, with as little as one line of code, and also allows custom tailoring of security settings by administrators. Finally, we further explore a modern approach to TLS client authentication, leveraging the operating system to provide a generic platform for strong authentication that supports easy deployment of client authentication features and protects user privacy. We conclude with a discussion of the reasons for the success of our efforts, and note avenues for future work that leverage the principles exhibited in this work, both in and beyond TLS.
590 $a School code: 0022.
650 4 $a Computer Engineering. $3 796158
650 4 $a Computer science. $3 573171
653 $a Administrator
653 $a Kernel
653 $a Man in the middle
653 $a Operating system
653 $a Security
653 $a Tls
690 $a 0464
690 $a 0984
710 2 $a Brigham Young University. $b Computer Science. $3 1241279
773 0 $t Dissertations Abstracts International $g 80-12B.
790 $a 0022
791 $a Ph.D.
792 $a 2019
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=13427694