An aspiring solution to the MITM bootstrap vulnerability

TitreAn aspiring solution to the MITM bootstrap vulnerability
Publication TypeConference Paper
Year of Publication2017
AuthorsZouina, M, Outtaj, B
Conference NameProceedings of the 29th International Business Information Management Association Conference - Education Excellence and Innovation Management through Vision 2020: From Regional Development Sustainability to Global Economic Growth

The proposed work falls within the context of improving data security for m-commerce (mobile commerce) systems. In this context we have placed under the light some flaws encountered in HTTPS (Hypertext Transfer Protocol Secure) the most used m-commerce protocol, particularly the man in the middle attack, shortly MITM. The man in the middle attack is an active listening attack; the idea of this attack is to target the handshake phase of the HTTPS protocol which is the transition from a non-secure connection to a secure connection in our case HTTP (Hypertext Transfer Protocol) to HTTPS. This paper proposes a solution to fix those flaws based on the upgrade of HSTS (HTTP Strict Transport Security) standard handshake sequence using the DNSSEC standard (Domain Name System Security Extensions).




Suivez-nous sur




Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

 Télécopie : (+212) 5 37 77 72 30

  Secrétariat de direction : 06 61 48 10 97

        Secrétariat général : 06 61 70 77 02

        Service des affaires estudiantines : 06 62 44 87 47

        Résidences : 06 61 82 89 77


    Compteur de visiteurs:393,673
    Education - This is a contributing Drupal Theme
    Design by WeebPal.