Nonintrusive SSL/TLS Proxy with JSON-Based Policy

  • Conference paper
Information Science and Applications

Abstract

Placing an interception proxy between a client and a web server has its own implications. It is therefore more practical to take a “middle” approach that can moderate ongoing and future SSL/TLS sessions without compromising user privacy. A policy rule, expressed as a JSON schema and data, is proposed for handling SSL/TLS connections delegated by a non-intrusive, pass-through proxy.

Author information

Correspondence to Suhairi Mohd Jawi, Fakariah Hani Mohd Ali or Nurul Huda Nik Zulkipli.

Copyright information

© 2015 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jawi, S.M., Ali, F.H.M., Zulkipli, N.H.N. (2015). Nonintrusive SSL/TLS Proxy with JSON-Based Policy. In: Kim, K. (eds) Information Science and Applications. Lecture Notes in Electrical Engineering, vol 339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-46578-3_51

  • DOI: https://doi.org/10.1007/978-3-662-46578-3_51

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-46577-6

  • Online ISBN: 978-3-662-46578-3

  • eBook Packages: Engineering, Engineering (R0)
