Abstract
This article describes the process of creating a dynamic-link library for SSL certificate management. The use of these libraries is usually between client-server, for communication security. The programming of a dynamic link infrastructure entails a sequence of modules for the adaptation of the requirements of a client-server system. Each module is managed by external libraries, between them the OpenSSL libraries. The proposed infrastructure uses OpenSSL libraries in client-server communication environments, resulting in interoperability between programming languages for example, Java to C/C++ migration for the creation of a secure communication environment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kim, H., Wasicek, A., Mehne, B., Lee, E.A.: A secure network architecture for the internet of things based on local authorization entities. In: Proceedings - 2016 IEEE 4th International Conference on Future Internet of Things and Cloud, FiCloud 2016, pp. 114–122 (2016)
Ranjbar, A., Komu, M., Salmela, P., Aura, T.: An SDN-based approach to enhance the end-to-end security: SSL/TLS case study. In: Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, pp. 281–288 (2016)
Loebenberger, D., Nüsken, M.: Notions for RSA integers. Int. J. Appl. Cryptol. 3(2), 116–138 (2014)
Ghafoor, I., Jattalai, I., Durrani, S., Ch, M.T.: Analysis of OpenSSL heartbleed vulnerability for embedded systems. In: 17th IEEE International Multi Topic Conference: Collaborative and Sustainable Development of Technologies, IEEE INMIC 2014 - Proceedings, pp. 314–319 (2014)
Zhang, L., et al.: Analysis of SSL certificate reissues and revocations in the wake of Heartbleed. In: Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC, pp. 489–502 (2014)
Dietz, W., Li, P., Regehr, J., Adve, V.: Understanding integer overflow in C/C++. In: Proceedings - International Conference on Software Engineering, pp. 760–770 (2012)
Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating SSL certificates in non-browser software. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 38–49 (2012)
Papadimitriou, S., Moussiades, L.: Combining Scala with C++ for efficient scientific computation in the context of ScalaLab. In: Lecture Notes in Engineering and Computer Science, vol. 2223, pp. 409–412 (2016)
Brubaker, C., Jana, S., Ray, B., Khurshid, S., Shmatikov, V.: Using frankencerts for automated adversarial testing of certificate validation in SSL/TLS implementations. In: Proceedings - IEEE Symposium on Security and Privacy, pp. 114–129 (2014)
Suga, Y.: SSL/TLS servers status survey about enabling forward secrecy. In: Proceedings - 2014 International Conference on Network-Based Information Systems, NBiS 2014, pp. 501–505 (2014)
Berbecaru, D., Desai, A., Lioy, A.: A unified and flexible solution for integrating CRL and OCSP into PKI applications. Softw. Pract. Exp. 39(10), 891–921 (2009)
Roman Garcia, F.: Desarrollo de librerias de firma ciega para OpenSSL. Universitat Politecnica de Catalunya (2016)
Vargas, J., Guevara, D., Mayorga, F., Sánchez, F., Díaz, D.: Generación de librerías de código base para autenticación a través de certificados SSL generados automáticamente utilizando Java (2016)
Delaney, S.: Secure embedded communications. Electronic Products (Garden City, New York), 53(4) (2011)
Chen, L., Tao, L., Li, X., Lin, C.: A tool for teaching web application security. In: Proceedings of the 14th Colloquium for Information Systems Security Education, pp. 17–24 (2010)
Aly, H., Elgayyar, M.: Attacking AES using bernstein’s attack on modern processors (2013)
Atamli-Reineh, A., Paverd, A., Petracca, G., Martin, A.: A framework for application partitioning using trusted execution environments. Concurr. Comput. 29(23), e4130 (2017)
Sohail, F., Ahmed, J., Habib, Z.: PKI based cryptographic module. Paper presented at the 17th IEEE International Multi Topic Conference: Collaborative and Sustainable Development of Technologies, IEEE INMIC 2014 - Proceedings, pp. 87–91 (2015)
Racine, J.: The Cygwin tools: a GNU toolkit for Windows (2000)
Zhang, H.R., Zeng, W.X., Jiang, T.H.: Realization of certificate authority using Java and OpenSSL. Appl. Res. Comput. 5, 055 (2004)
Seidl, R., Goetze, N., Bauer-Hermann, M.: U.S. Patent No. 9,979,716. U.S. Patent and Trademark Office, Washington, DC (2018)
Yu, Y., He, W.: Design of acoustic emission monitoring system based on VC++. In: Proceedings of SPIE - The International Society for Optical Engineering, vol. 9794 (2015)
Jawi, S.M., Ali, F.H.M.: Rules and results for SSL/TLS nonintrusive proxy based on JSON data. In: 2016 6th International Conference on IT Convergence and Security, ICITCS 2016 (2016)
Tzvetkov, V.: Disaster coverable PKI model based on majority trust principle. In: International Conference on Information Technology: Coding Computing, ITCC, vol. 2, pp. 118–119 (2004)
Boopathi, M., Panwar, M., Goel, M.: SSL-Heartbleed bug. Int. J. Appl. Eng. Res. 10(4), 9947–9956 (2015)
Pitt, E.: Scalable secure sockets. In: Pitt, E. (ed.) Fundamental Networking in Java, pp. 185–213. Springer, London (2006). https://doi.org/10.1007/1-84628-252-7
Pich, C., Nachmanson, L., Robertson, G.G.: Visual analysis of importance and grouping in software dependency graphs. In: Proceedings of the 4th ACM Symposium on Software Visualization, pp. 29–32. ACM, September 2008
Acknowledgments
To the Ecuadorian Corporation for the Development of Research and Academia CEDIA, for research funding, development and innovation through CEPRA projects, in particular to the CEPRA-IX-2015 project; Tool for the Automatic Generation of Security Infrastructure in Communications using Java.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Vargas, J., Mayorga, F., Guevara, D., Martinez, H.D. (2019). Management of SSL Certificates: Through Dynamic Link Libraries. In: Botto-Tobar, M., Pizarro, G., Zúñiga-Prieto, M., D’Armas, M., Zúñiga Sánchez, M. (eds) Technology Trends. CITT 2018. Communications in Computer and Information Science, vol 895. Springer, Cham. https://doi.org/10.1007/978-3-030-05532-5_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-05532-5_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05531-8
Online ISBN: 978-3-030-05532-5
eBook Packages: Computer ScienceComputer Science (R0)