Advertisement

Management of SSL Certificates: Through Dynamic Link Libraries

  • Javier Vargas
  • Franklin Mayorga
  • David Guevara
  • H. David Martinez
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 895)

Abstract

This article describes the process of creating a dynamic-link library for SSL certificate management. The use of these libraries is usually between client-server, for communication security. The programming of a dynamic link infrastructure entails a sequence of modules for the adaptation of the requirements of a client-server system. Each module is managed by external libraries, between them the OpenSSL libraries. The proposed infrastructure uses OpenSSL libraries in client-server communication environments, resulting in interoperability between programming languages for example, Java to C/C++ migration for the creation of a secure communication environment.

Keywords

Dynamic-link library OpenSSL Interoperability 

Notes

Acknowledgments

To the Ecuadorian Corporation for the Development of Research and Academia CEDIA, for research funding, development and innovation through CEPRA projects, in particular to the CEPRA-IX-2015 project; Tool for the Automatic Generation of Security Infrastructure in Communications using Java.

References

  1. 1.
    Kim, H., Wasicek, A., Mehne, B., Lee, E.A.: A secure network architecture for the internet of things based on local authorization entities. In: Proceedings - 2016 IEEE 4th International Conference on Future Internet of Things and Cloud, FiCloud 2016, pp. 114–122 (2016)Google Scholar
  2. 2.
    Ranjbar, A., Komu, M., Salmela, P., Aura, T.: An SDN-based approach to enhance the end-to-end security: SSL/TLS case study. In: Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, pp. 281–288 (2016)Google Scholar
  3. 3.
    Loebenberger, D., Nüsken, M.: Notions for RSA integers. Int. J. Appl. Cryptol. 3(2), 116–138 (2014)MathSciNetCrossRefGoogle Scholar
  4. 4.
    Ghafoor, I., Jattalai, I., Durrani, S., Ch, M.T.: Analysis of OpenSSL heartbleed vulnerability for embedded systems. In: 17th IEEE International Multi Topic Conference: Collaborative and Sustainable Development of Technologies, IEEE INMIC 2014 - Proceedings, pp. 314–319 (2014)Google Scholar
  5. 5.
    Zhang, L., et al.: Analysis of SSL certificate reissues and revocations in the wake of Heartbleed. In: Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC, pp. 489–502 (2014)Google Scholar
  6. 6.
    Dietz, W., Li, P., Regehr, J., Adve, V.: Understanding integer overflow in C/C++. In: Proceedings - International Conference on Software Engineering, pp. 760–770 (2012)Google Scholar
  7. 7.
    Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating SSL certificates in non-browser software. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 38–49 (2012)Google Scholar
  8. 8.
    Papadimitriou, S., Moussiades, L.: Combining Scala with C++ for efficient scientific computation in the context of ScalaLab. In: Lecture Notes in Engineering and Computer Science, vol. 2223, pp. 409–412 (2016)Google Scholar
  9. 9.
    Brubaker, C., Jana, S., Ray, B., Khurshid, S., Shmatikov, V.: Using frankencerts for automated adversarial testing of certificate validation in SSL/TLS implementations. In: Proceedings - IEEE Symposium on Security and Privacy, pp. 114–129 (2014)Google Scholar
  10. 10.
    Suga, Y.: SSL/TLS servers status survey about enabling forward secrecy. In: Proceedings - 2014 International Conference on Network-Based Information Systems, NBiS 2014, pp. 501–505 (2014)Google Scholar
  11. 11.
    Berbecaru, D., Desai, A., Lioy, A.: A unified and flexible solution for integrating CRL and OCSP into PKI applications. Softw. Pract. Exp. 39(10), 891–921 (2009)CrossRefGoogle Scholar
  12. 12.
    Roman Garcia, F.: Desarrollo de librerias de firma ciega para OpenSSL. Universitat Politecnica de Catalunya (2016)Google Scholar
  13. 13.
    Vargas, J., Guevara, D., Mayorga, F., Sánchez, F., Díaz, D.: Generación de librerías de código base para autenticación a través de certificados SSL generados automáticamente utilizando Java (2016)Google Scholar
  14. 14.
    Delaney, S.: Secure embedded communications. Electronic Products (Garden City, New York), 53(4) (2011)Google Scholar
  15. 15.
    Chen, L., Tao, L., Li, X., Lin, C.: A tool for teaching web application security. In: Proceedings of the 14th Colloquium for Information Systems Security Education, pp. 17–24 (2010)Google Scholar
  16. 16.
    Aly, H., Elgayyar, M.: Attacking AES using bernstein’s attack on modern processors (2013)CrossRefGoogle Scholar
  17. 17.
    Atamli-Reineh, A., Paverd, A., Petracca, G., Martin, A.: A framework for application partitioning using trusted execution environments. Concurr. Comput. 29(23), e4130 (2017)CrossRefGoogle Scholar
  18. 18.
    Sohail, F., Ahmed, J., Habib, Z.: PKI based cryptographic module. Paper presented at the 17th IEEE International Multi Topic Conference: Collaborative and Sustainable Development of Technologies, IEEE INMIC 2014 - Proceedings, pp. 87–91 (2015)Google Scholar
  19. 19.
    Racine, J.: The Cygwin tools: a GNU toolkit for Windows (2000)CrossRefGoogle Scholar
  20. 20.
    Zhang, H.R., Zeng, W.X., Jiang, T.H.: Realization of certificate authority using Java and OpenSSL. Appl. Res. Comput. 5, 055 (2004)Google Scholar
  21. 21.
    Seidl, R., Goetze, N., Bauer-Hermann, M.: U.S. Patent No. 9,979,716. U.S. Patent and Trademark Office, Washington, DC (2018)Google Scholar
  22. 22.
    Yu, Y., He, W.: Design of acoustic emission monitoring system based on VC++. In: Proceedings of SPIE - The International Society for Optical Engineering, vol. 9794 (2015)Google Scholar
  23. 23.
    Jawi, S.M., Ali, F.H.M.: Rules and results for SSL/TLS nonintrusive proxy based on JSON data. In: 2016 6th International Conference on IT Convergence and Security, ICITCS 2016 (2016)Google Scholar
  24. 24.
    Tzvetkov, V.: Disaster coverable PKI model based on majority trust principle. In: International Conference on Information Technology: Coding Computing, ITCC, vol. 2, pp. 118–119 (2004)Google Scholar
  25. 25.
    Boopathi, M., Panwar, M., Goel, M.: SSL-Heartbleed bug. Int. J. Appl. Eng. Res. 10(4), 9947–9956 (2015)Google Scholar
  26. 26.
    Pitt, E.: Scalable secure sockets. In: Pitt, E. (ed.) Fundamental Networking in Java, pp. 185–213. Springer, London (2006).  https://doi.org/10.1007/1-84628-252-7CrossRefzbMATHGoogle Scholar
  27. 27.
    Pich, C., Nachmanson, L., Robertson, G.G.: Visual analysis of importance and grouping in software dependency graphs. In: Proceedings of the 4th ACM Symposium on Software Visualization, pp. 29–32. ACM, September 2008Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Javier Vargas
    • 1
  • Franklin Mayorga
    • 1
  • David Guevara
    • 1
  • H. David Martinez
    • 2
  1. 1.Facultad de Ingeniería en Sistemas Electrónica e IndustrialUniversidad Técnica de AmbatoAmbatoEcuador
  2. 2.Universidad de GuayaquilGuayaquilEcuador

Personalised recommendations