{"title":"Selective security for TLS","authors":"M. Portmann, A. Seneviratne","doi":"10.1109/ICON.2001.962343","DOIUrl":null,"url":null,"abstract":"Today's computing environments are becoming increasingly heterogeneous, mostly due to the growth of mobile computing. In this environment, application layer proxies that can adapt and tailor the content to the client's needs and capabilities as well as to the available network resources are highly beneficial. The problem is that content adaptation proxies are generally incompatible with the notion of end-to-end security. The only generic solution to this problem is the concept of selective security. The idea is to apply security selectively only to the sensitive elements of a data stream and expose the rest to any intermediary system for potential content adaptation. None of the currently used security protocols provides an API for fine-grained control of the application of security mechanisms to a data stream. We propose a simple extension to the transport layer security protocol (TLS), which provides the application with an interface for selectively protecting elements within a data stream. We also discuss a generic application scenario that shows how the proposed extended features can be used in conjunction with content adaptation proxies.","PeriodicalId":178842,"journal":{"name":"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICON.2001.962343","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 16
Abstract
Today's computing environments are becoming increasingly heterogeneous, mostly due to the growth of mobile computing. In this environment, application layer proxies that can adapt and tailor the content to the client's needs and capabilities as well as to the available network resources are highly beneficial. The problem is that content adaptation proxies are generally incompatible with the notion of end-to-end security. The only generic solution to this problem is the concept of selective security. The idea is to apply security selectively only to the sensitive elements of a data stream and expose the rest to any intermediary system for potential content adaptation. None of the currently used security protocols provides an API for fine-grained control of the application of security mechanisms to a data stream. We propose a simple extension to the transport layer security protocol (TLS), which provides the application with an interface for selectively protecting elements within a data stream. We also discuss a generic application scenario that shows how the proposed extended features can be used in conjunction with content adaptation proxies.