Abstract
The placement of an interception proxy in between a client and web server has its own implications. Therefore, it is more practical to take a “middle” approach that can moderate the ongoing and future SSL/TLS sessions while not compromising the user privacy. A policy rule in JSON schema and data is proposed in handling SSL/TLS connection delegated by a non-intrusive, pass-through proxy.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Van der Linden, Maura A. Testing code security. CRC Press, (2007)
Jarmoc, Jeff. “SSL/TLS Interception Proxies and Transitive Trust.” Transitive Trust. Dell SecureWorks, (2012) http://www.secureworks.com/cyber-threat-intelligence/threats/transitive-trust/.
L.-S. Huang, A. Rice, E. Ellingsen, and C. Jackson. Analyzing forged ssl certificates in the wild. In To appear, IEEE Symposium on Security and Privacy, (2014)
O’Neill, Mark, et al. “TLS Proxies: Friend or Foe?.” arXiv preprint arXiv:1407.7146 (2014)
Holz, Ralph, et al. “The SSL landscape: a thorough analysis of the x. 509 PKI using active and passive measurements.” Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference ACM, (2011)
Rolf Oppliger, “SSL and TLS: Theory and Practice”, Artech House / Horizon, (2009)
Hoffman, P. and J. Schaad, “New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)”, RFC 5912, (2010)
fge/json-schema-validator, https://github.com/fge/json-schema-validator
Newman, Chris, Graham Klyne. “Date and Time on the Internet: Timestamps”, RFC 3339, (2002)
“An Introduction to JavaScript Object Notation (JSON) in JavaScript and .NET.” An Introduction to JavaScript Object Notation (JSON) in JavaScript and .NET. Microsoft, (2007). http://msdn.microsoft.com/en-us/library/bb299886.aspx
M. Droettboom et al, “Understanding JSON Schema Release 1.0”, Space Telescope Science Institute, (2014)
JSON: The Fat-Free Alternative to XML, http://www.json.org/xml.html
OpenSSL vulnerabilities, https://www.openssl.org/news/vulnerabilities.html
“JSON schema generator”, http://www.jsonschema.net
sslprobe, “SSL/TLS protocol and cipher suite scanner with JSON output”, https://github.com/noahwilliamsson/sslprobe
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jawi, S.M., Ali, F.H.M., Zulkipli, N.H.N. (2015). Nonintrusive SSL/TLS Proxy with JSON-Based Policy. In: Kim, K. (eds) Information Science and Applications. Lecture Notes in Electrical Engineering, vol 339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-46578-3_51
Download citation
DOI: https://doi.org/10.1007/978-3-662-46578-3_51
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-46577-6
Online ISBN: 978-3-662-46578-3
eBook Packages: EngineeringEngineering (R0)