Browse

TLS Cross Credential (TLS-CC) for Authentication in Delegated Networks
위임된 네트워크에서의 인증을 위한 TLS 상호증명

Cited 0 time in Web of Science Cited 0 time in Scopus
Authors
PWINT MYAT KAY KHINE
Advisor
권태경
Major
공과대학 컴퓨터공학부
Issue Date
2017-08
Publisher
서울대학교 대학원
Keywords
Content Delivery NetworkTransport Layer SecurityDelegationAuthentication
Description
학위논문 (석사)-- 서울대학교 대학원 공과대학 컴퓨터공학부, 2017. 8. 권태경.
Abstract
Nowadays, most of the content providers such as media and entertainment companies use the Content Delivery Network (CDN) services for faster delivery and higher availability. Using a globally distributed server infrastructure to absorb the network traffic, CDNs are believed to offer faster experience to the end-users and a degree of protection from Distributed Denial of Service (DDoS) attacks. However, despite the benefits of such features, there are several drawbacks related to the authentication of the third party edge networks of CDN. Current mechanisms either trust the CDN providers with the private keys or allow a certification authority to issue the CDN a certificate. Both mechanisms are undesirable in terms of attack space expansion due to the sharing of private keys or in terms of domain confusion and complicated revocation process of the CDNs certificate.
This paper proposes an authentication mechanism in CDN edge networks which does not require trusting the CDN or allowing the certification authority to issue a shared certificate to CDN. Using an object called a cross credential (CC) which can prove the delegated relationship between the CDN edge and the origin server, the proposed mechanism offers efficient solution to the above security concerns with extremely low latency and computation overhead compared to the existing solutions. We implemented our proposed mechanism by extending the standard Transport Layer Security (TLS) protocol to create the CC in the back-end channel and verify the CC in the front-end channel for edge server authentication.
Language
English
URI
http://hdl.handle.net/10371/137439
Files in This Item:
Appears in Collections:
College of Engineering/Engineering Practice School (공과대학/대학원)Dept. of Computer Science and Engineering (컴퓨터공학부)Theses (Master's Degree_컴퓨터공학부)
  • mendeley

Items in S-Space are protected by copyright, with all rights reserved, unless otherwise indicated.

Browse