Title
When HTTPS Meets CDN: A Case of Authentication in Delegated Service
Abstract
Content Delivery Network (CDN) and Hypertext Transfer Protocol Secure (HTTPS) are two popular but independent web technologies, each of which has been well studied individually and independently. This paper provides a systematic study on how these two work together. We examined 20 popular CDN providers and 10,721 of their customer web sites using HTTPS. Our study reveals various problems with the current HTTPS practice adopted by CDN providers, such as widespread use of invalid certificates, private key sharing, neglected revocation of stale certificates, and insecure back-end communication. While some of those problems are operational issues only, others are rooted in the fundamental semantic conflict between the end-to-end nature of HTTPS and the man-in-the-middle nature of CDN involving multiple parties in a delegated service. To address the delegation problem when HTTPS meets CDN, we proposed and implemented a lightweight solution based on DANE (DNS-based Authentication of Named Entities), an emerging IETF protocol complementing the current Web PKI model. Our implementation demonstrates that it is feasible for HTTPS to work with CDN securely and efficiently. This paper intends to provide a context for future discussion within security and CDN community on more preferable solutions.
Year
2014
DOI
10.1109/SP.2014.12
Venue
IEEE Symposium on Security and Privacy
Keywords
protocols, stale certificates, computer network security, https, hypertext transfer protocol secure, internet, dane protocol, web technology, delegated service authentication, cdn, dns-based authentication of named entities, domain name system, content delivery network, authentication, servers
Field
Public key infrastructure, Content delivery network, Internet privacy, World Wide Web, DNS-based Authentication of Named Entities, Authentication, Computer science, Computer security, Domain Name System, Hypertext Transfer Protocol over Secure Socket Layer, Delegation, The Internet
DocType
Conference
ISSN
1081-6011
Citations
34
PageRank
1.19
References
22
Authors
6
Name            Order   Citations   PageRank
Jinjin Liang    1       67          5.63
Jian Jiang      2       122         8.96
Haixin Duan     3       237         36.86
Kang Li         4       67          3.76
Tao Wan         5       60          3.14
Jianping Wu     6       408         53.61