Abstract
Visualizing security status information in web browsers has always been a complex matter. With novel security standards coming into widespread use and entering the browser, this task becomes even more complex. This paper addresses this issue by analyzing the current state of the art in browser support for DNSSEC. The analysis emphasizes that the visual cues used for TLS and those used for DNSSEC are ambiguous and hence more confusing than beneficial. An improvement is suggested that relies on the idea of visualizing security services instead of security standard specifics. The paper contributes an icon set following this idea and presents evaluation results obtained from a user study.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hirsch, T., Lo Iacono, L., Wechsung, I. (2012). How Much Network Security Must Be Visible in Web Browsers?. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2012. Lecture Notes in Computer Science, vol 7449. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32287-7_1
DOI: https://doi.org/10.1007/978-3-642-32287-7_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32286-0
Online ISBN: 978-3-642-32287-7
eBook Packages: Computer Science, Computer Science (R0)