Published: Dec 21, 2021
The following paper has been accepted at the 12th ACM Conference on Data and Application Security and Privacy (CODASPY 2022):
- Title: A Modular and Extensible Framework for Securing TLS
- Author: Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
- Abstract: While being both extremely powerful and popular, TLS is a protocol that is hard to securely deploy. On the one hand, system administrators are required to grasp several security concepts to fully understand the impact of each option and avoid misconfigurations. On the other hand, app developers should use cryptographic libraries in a secure way avoiding dangerous default settings or other subtleties (e.g., padding or modes of operations). To help secure TLS, we propose a modular framework, extensible with new features and capable of streamlining the mitigation process of known and newly discovered TLS attacks even for non-expert users.
- DOI: 10.1145/3508398.3511505
About the conference
- Name: 12th ACM Conference on Data and Application Security and Privacy (CODASPY 2022)
- Date: from April 25, 2022 to April 27, 2022
- Location: Baltimore, United States
- Website: http://www.codaspy.org/2022/
Related Tools
- TLSAssistant [documentation, code]