An aspiring solution to the MITM bootstrap vulnerability

TitreAn aspiring solution to the MITM bootstrap vulnerability
Publication TypeConference Paper
Year of Publication2017
AuthorsZouina, M, Outtaj, B
Conference NameProceedings of the 29th International Business Information Management Association Conference - Education Excellence and Innovation Management through Vision 2020: From Regional Development Sustainability to Global Economic Growth
Abstract

The proposed work falls within the context of improving data security for m-commerce (mobile commerce) systems. In this context we have placed under the light some flaws encountered in HTTPS (Hypertext Transfer Protocol Secure) the most used m-commerce protocol, particularly the man in the middle attack, shortly MITM. The man in the middle attack is an active listening attack; the idea of this attack is to target the handshake phase of the HTTPS protocol which is the transition from a non-secure connection to a secure connection in our case HTTP (Hypertext Transfer Protocol) to HTTPS. This paper proposes a solution to fix those flaws based on the upgrade of HSTS (HTTP Strict Transport Security) standard handshake sequence using the DNSSEC standard (Domain Name System Security Extensions).

URLhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85029759601&partnerID=40&md5=963ec95920c1fef56bbbb9224b5f2501
Revues: 

Partenaires

Localisation

Suivez-nous sur

         

    

Contactez-nous

ENSIAS

Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

  Télécopie : (+212) 5 37 68 60 78

  Secrétariat de direction : 06 61 48 10 97

        Secrétariat général : 06 61 34 09 27

        Service des affaires financières : 06 61 44 76 79

        Service des affaires estudiantines : 06 62 77 10 17 / n.mhirich@um5s.net.ma

        CEDOC ST2I : 06 66 39 75 16

        Résidences : 06 61 82 89 77

Contacts

    

    Compteur de visiteurs:634,797
    Education - This is a contributing Drupal Theme
    Design by WeebPal.