{"title":"Secure autonomous process communication","authors":"Aspen Olmsted","doi":"10.23919/I-SOCIETY.2017.8354680","DOIUrl":null,"url":null,"abstract":"Communications is one of the major domains of cyber security. Private Key Infrastructure (PKI) has become the de facto standard for encrypting messages between two processes. Using PKI, an autonomous process can use the private key stored on the local machine to encrypt a message and send it to a remote machine. The remote machine can use the public key from the certificate to decrypt the message. A trusted third-party Certificate Authority (CA) previously signed a certificate to allow the receiving party to trust that the sender is who they say they are. The same certificate can be used to sign the message to allow the recipient to trust that the message has not been altered. Unfortunately, certificates are issued to machine names, not process identifiers. In this paper, we utilize a secure data store that can validate who a process is to ensure that the certificate is coming from a trusted process.","PeriodicalId":285075,"journal":{"name":"2017 International Conference on Information Society (i-Society)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Secure autonomous process communication\",\"authors\":\"Aspen Olmsted\",\"doi\":\"10.23919/I-SOCIETY.2017.8354680\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Communications is one of the major domains of cyber security. Private Key Infrastructure (PKI) has become the de facto standard for encrypting messages between two processes. Using PKI, an autonomous process can use the private key stored on the local machine to encrypt a message and send it to a remote machine. The remote machine can use the public key from the certificate to decrypt the message. 
A trusted third-party Certificate Authority (CA) previously signed a certificate to allow the receiving party to trust that the sender is who they say they are. The same certificate can be used to sign the message to allow the recipient to trust that the message has not been altered. Unfortunately, certificates are issued to machine names, not process identifiers. In this paper, we utilize a secure data store that can validate who a process is to ensure that the certificate is coming from a trusted process.\",\"PeriodicalId\":285075,\"journal\":{\"name\":\"2017 International Conference on Information Society (i-Society)\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 International Conference on Information Society (i-Society)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/I-SOCIETY.2017.8354680\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Information Society (i-Society)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/I-SOCIETY.2017.8354680","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Communications is one of the major domains of cyber security. Private Key Infrastructure (PKI) has become the de facto standard for encrypting messages between two processes. Using PKI, an autonomous process can use the private key stored on the local machine to encrypt a message and send it to a remote machine. The remote machine can use the public key from the certificate to decrypt the message. A trusted third-party Certificate Authority (CA) previously signed a certificate to allow the receiving party to trust that the sender is who they say they are. The same certificate can be used to sign the message to allow the recipient to trust that the message has not been altered. Unfortunately, certificates are issued to machine names, not process identifiers. In this paper, we utilize a secure data store that can validate who a process is to ensure that the certificate is coming from a trusted process.