{"title":"TLS的选择性安全性","authors":"M. Portmann, A. Seneviratne","doi":"10.1109/ICON.2001.962343","DOIUrl":null,"url":null,"abstract":"Today's computing environments are becoming increasingly heterogeneous, mostly due to the growth of mobile computing. In this environment, application layer proxies that can adapt and tailor the content to the client's needs and capabilities as well as to the available network resources are highly beneficial. The problem is that content adaptation proxies are generally incompatible with the notion of end-to-end security. The only generic solution to this problem is the concept of selective security. The idea is to apply security selectively only to the sensitive elements of a data stream and expose the rest to any intermediary system for potential content adaptation. None of the currently used security protocols provides an API for fine-grained control of the application of security mechanisms to a data stream. We propose a simple extension to the transport layer security protocol (TLS), which provides the application with an interface for selectively protecting elements within a data stream. We also discuss a generic application scenario that shows how the proposed extended features can be used in conjunction with content adaptation proxies.","PeriodicalId":178842,"journal":{"name":"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Selective security for TLS\",\"authors\":\"M. Portmann, A. Seneviratne\",\"doi\":\"10.1109/ICON.2001.962343\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Today's computing environments are becoming increasingly heterogeneous, mostly due to the growth of mobile computing. In this environment, application layer proxies that can adapt and tailor the content to the client's needs and capabilities as well as to the available network resources are highly beneficial. The problem is that content adaptation proxies are generally incompatible with the notion of end-to-end security. The only generic solution to this problem is the concept of selective security. The idea is to apply security selectively only to the sensitive elements of a data stream and expose the rest to any intermediary system for potential content adaptation. None of the currently used security protocols provides an API for fine-grained control of the application of security mechanisms to a data stream. We propose a simple extension to the transport layer security protocol (TLS), which provides the application with an interface for selectively protecting elements within a data stream. We also discuss a generic application scenario that shows how the proposed extended features can be used in conjunction with content adaptation proxies.\",\"PeriodicalId\":178842,\"journal\":{\"name\":\"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2001-10-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICON.2001.962343\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. Ninth IEEE International Conference on Networks, ICON 2001.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICON.2001.962343","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Today's computing environments are becoming increasingly heterogeneous, mostly due to the growth of mobile computing. In this environment, application layer proxies that can adapt and tailor the content to the client's needs and capabilities as well as to the available network resources are highly beneficial. The problem is that content adaptation proxies are generally incompatible with the notion of end-to-end security. The only generic solution to this problem is the concept of selective security. The idea is to apply security selectively only to the sensitive elements of a data stream and expose the rest to any intermediary system for potential content adaptation. None of the currently used security protocols provides an API for fine-grained control of the application of security mechanisms to a data stream. We propose a simple extension to the transport layer security protocol (TLS), which provides the application with an interface for selectively protecting elements within a data stream. We also discuss a generic application scenario that shows how the proposed extended features can be used in conjunction with content adaptation proxies.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
