Skip to main content
SpringerLink
Log in

Management of SSL Certificates: Through Dynamic Link Libraries

  • Conference paper
  • First Online:
Technology Trends (CITT 2018)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 895))

Included in the following conference series:

  • 1083 Accesses

Abstract

This article describes the process of creating a dynamic-link library for SSL certificate management. The use of these libraries is usually between client-server, for communication security. The programming of a dynamic link infrastructure entails a sequence of modules for the adaptation of the requirements of a client-server system. Each module is managed by external libraries, between them the OpenSSL libraries. The proposed infrastructure uses OpenSSL libraries in client-server communication environments, resulting in interoperability between programming languages for example, Java to C/C++ migration for the creation of a secure communication environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Kim, H., Wasicek, A., Mehne, B., Lee, E.A.: A secure network architecture for the internet of things based on local authorization entities. In: Proceedings - 2016 IEEE 4th International Conference on Future Internet of Things and Cloud, FiCloud 2016, pp. 114–122 (2016)

    Google Scholar 

  2. Ranjbar, A., Komu, M., Salmela, P., Aura, T.: An SDN-based approach to enhance the end-to-end security: SSL/TLS case study. In: Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, pp. 281–288 (2016)

    Google Scholar 

  3. Loebenberger, D., Nüsken, M.: Notions for RSA integers. Int. J. Appl. Cryptol. 3(2), 116–138 (2014)

    Google Scholar 

  4. Ghafoor, I., Jattalai, I., Durrani, S., Ch, M.T.: Analysis of OpenSSL heartbleed vulnerability for embedded systems. In: 17th IEEE International Multi Topic Conference: Collaborative and Sustainable Development of Technologies, IEEE INMIC 2014 - Proceedings, pp. 314–319 (2014)

    Google Scholar 

  5. Zhang, L., et al.: Analysis of SSL certificate reissues and revocations in the wake of Heartbleed. In: Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC, pp. 489–502 (2014)

    Google Scholar 

  6. Dietz, W., Li, P., Regehr, J., Adve, V.: Understanding integer overflow in C/C++. In: Proceedings - International Conference on Software Engineering, pp. 760–770 (2012)

    Google Scholar 

  7. Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating SSL certificates in non-browser software. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 38–49 (2012)

    Google Scholar 

  8. Papadimitriou, S., Moussiades, L.: Combining Scala with C++ for efficient scientific computation in the context of ScalaLab. In: Lecture Notes in Engineering and Computer Science, vol. 2223, pp. 409–412 (2016)

    Google Scholar 

  9. Brubaker, C., Jana, S., Ray, B., Khurshid, S., Shmatikov, V.: Using frankencerts for automated adversarial testing of certificate validation in SSL/TLS implementations. In: Proceedings - IEEE Symposium on Security and Privacy, pp. 114–129 (2014)

    Google Scholar 

  10. Suga, Y.: SSL/TLS servers status survey about enabling forward secrecy. In: Proceedings - 2014 International Conference on Network-Based Information Systems, NBiS 2014, pp. 501–505 (2014)

    Google Scholar 

  11. Berbecaru, D., Desai, A., Lioy, A.: A unified and flexible solution for integrating CRL and OCSP into PKI applications. Softw. Pract. Exp. 39(10), 891–921 (2009)

    Google Scholar 

  12. Roman Garcia, F.: Desarrollo de librerias de firma ciega para OpenSSL. Universitat Politecnica de Catalunya (2016)

    Google Scholar 

  13. Vargas, J., Guevara, D., Mayorga, F., Sánchez, F., Díaz, D.: Generación de librerías de código base para autenticación a través de certificados SSL generados automáticamente utilizando Java (2016)

    Google Scholar 

  14. Delaney, S.: Secure embedded communications. Electronic Products (Garden City, New York), 53(4) (2011)

    Google Scholar 

  15. Chen, L., Tao, L., Li, X., Lin, C.: A tool for teaching web application security. In: Proceedings of the 14th Colloquium for Information Systems Security Education, pp. 17–24 (2010)

    Google Scholar 

  16. Aly, H., Elgayyar, M.: Attacking AES using bernstein’s attack on modern processors (2013)

    Google Scholar 

  17. Atamli-Reineh, A., Paverd, A., Petracca, G., Martin, A.: A framework for application partitioning using trusted execution environments. Concurr. Comput. 29(23), e4130 (2017)

    Google Scholar 

  18. Sohail, F., Ahmed, J., Habib, Z.: PKI based cryptographic module. Paper presented at the 17th IEEE International Multi Topic Conference: Collaborative and Sustainable Development of Technologies, IEEE INMIC 2014 - Proceedings, pp. 87–91 (2015)

    Google Scholar 

  19. Racine, J.: The Cygwin tools: a GNU toolkit for Windows (2000)

    Google Scholar 

  20. Zhang, H.R., Zeng, W.X., Jiang, T.H.: Realization of certificate authority using Java and OpenSSL. Appl. Res. Comput. 5, 055 (2004)

    Google Scholar 

  21. Seidl, R., Goetze, N., Bauer-Hermann, M.: U.S. Patent No. 9,979,716. U.S. Patent and Trademark Office, Washington, DC (2018)

    Google Scholar 

  22. Yu, Y., He, W.: Design of acoustic emission monitoring system based on VC++. In: Proceedings of SPIE - The International Society for Optical Engineering, vol. 9794 (2015)

    Google Scholar 

  23. Jawi, S.M., Ali, F.H.M.: Rules and results for SSL/TLS nonintrusive proxy based on JSON data. In: 2016 6th International Conference on IT Convergence and Security, ICITCS 2016 (2016)

    Google Scholar 

  24. Tzvetkov, V.: Disaster coverable PKI model based on majority trust principle. In: International Conference on Information Technology: Coding Computing, ITCC, vol. 2, pp. 118–119 (2004)

    Google Scholar 

  25. Boopathi, M., Panwar, M., Goel, M.: SSL-Heartbleed bug. Int. J. Appl. Eng. Res. 10(4), 9947–9956 (2015)

    Google Scholar 

  26. Pitt, E.: Scalable secure sockets. In: Pitt, E. (ed.) Fundamental Networking in Java, pp. 185–213. Springer, London (2006). https://doi.org/10.1007/1-84628-252-7

    Google Scholar 

  27. Pich, C., Nachmanson, L., Robertson, G.G.: Visual analysis of importance and grouping in software dependency graphs. In: Proceedings of the 4th ACM Symposium on Software Visualization, pp. 29–32. ACM, September 2008

    Google Scholar 

Download references

Acknowledgments

To the Ecuadorian Corporation for the Development of Research and Academia CEDIA, for research funding, development and innovation through CEPRA projects, in particular to the CEPRA-IX-2015 project; Tool for the Automatic Generation of Security Infrastructure in Communications using Java.

Author information

Authors and Affiliations

  1. Facultad de Ingeniería en Sistemas Electrónica e Industrial, Universidad Técnica de Ambato, Ambato, Ecuador

    Javier Vargas, Franklin Mayorga & David Guevara

  2. Universidad de Guayaquil, Guayaquil, Ecuador

    H. David Martinez

Authors
  1. Javier Vargas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Franklin Mayorga
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. David Guevara
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. H. David Martinez
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Javier Vargas .

Editor information

Editors and Affiliations

  1. Eindhoven University of Technology, Eindhoven, Noord-Brabant, The Netherlands

    Miguel Botto-Tobar

  2. Computer Science, Politecnica Salesiana University, Cuenca, Ecuador

    Guillermo Pizarro

  3. Facultad de Ingenieria, University of Cuenca, Cuenca, Ecuador

    Miguel Zúñiga-Prieto

  4. Universidad Estatal de Milagro, San Francisco de Milagro, Ecuador

    Mayra D’Armas

  5. Universidad Técnica de Babahoyo, Babahoyo, Ecuador

    Miguel Zúñiga Sánchez

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Vargas, J., Mayorga, F., Guevara, D., Martinez, H.D. (2019). Management of SSL Certificates: Through Dynamic Link Libraries. In: Botto-Tobar, M., Pizarro, G., Zúñiga-Prieto, M., D’Armas, M., Zúñiga Sánchez, M. (eds) Technology Trends. CITT 2018. Communications in Computer and Information Science, vol 895. Springer, Cham. https://doi.org/10.1007/978-3-030-05532-5_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-05532-5_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-05531-8

  • Online ISBN: 978-3-030-05532-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation