Displaying 1-17 out of 17 total
A Distributed Certificate Management System (DCMS) Supporting Group-Based Access Controls
Found in: Computer Security Applications Conference, Annual
By Rolf Oppliger, Andreas Greulich, Peter Trachsel
Issue Date:December 1999
pp. 241
Mainly for scalability reasons, many cryptographic security protocols make use of public key cryptography and require the existence of a corresponding public key infrastructure (PKI). A PKI, in turn, consists of one or several certification authorities (CA...
Certification Authorities Under Attack: A Plea for Certificate Legitimation
Found in: IEEE Internet Computing
By Rolf Oppliger
Issue Date:January 2014
pp. 40-47
Several recent attacks against certification authorities (CAs) and fraudulently issued certificates have put the security and usefulness of the Internet public-key infrastructure (PKI) at stake. In this article, the author argues that such attacks are like...
Common Misconceptions in Computer and Information Security
Found in: Computer
By Rolf Oppliger, Bruno Wildhaber
Issue Date:June 2012
pp. 102-104
In today's highly distributed and networked world, common misconceptions in computer and information security often cause IT professionals to spend money on useless mechanisms and services.
Security and Privacy in an Online World
Found in: Computer
By Rolf Oppliger
Issue Date:September 2011
pp. 21-22
Because it is increasingly difficult if not impossible to define the perimeter that separates the trusted inside from the untrusted outside, many security and privacy mechanisms no longer work in an online world.
Internet Banking: Client-Side Attacks and Protection Mechanisms
Found in: Computer
By Rolf Oppliger, Ruedi Rytz, Thomas Holderegger
Issue Date:May 2009
pp. 27-33
Although current mechanisms protect against offline credential-stealing attacks, effective protection against online channel-breaking attacks requires technologies to defeat man-in-the-middle (MITM) attacks, and practical protection against content-manipul...
SSL/TLS Session-Aware User Authentication
Found in: Computer
By Rolf Oppliger, Ralf Hauser, David Basin
Issue Date:March 2008
pp. 59-65
Overall, transport layer security with session-aware user authentication offers a promising approach to solving man-in-the-middle attack problems by leveraging the legacy authentication mechanisms and systems that the general public has become accustomed t...
Providing Certified Mail Services on the Internet
Found in: IEEE Security and Privacy
By Rolf Oppliger
Issue Date:January 2007
pp. 16-22
In its current form, the Internet doesn't provide a reliable messaging infrastructure. This is particularly true for the provision of nonrepudiation services, such as certified mail. This article discusses, analyzes, and assesses technologies that provide ...
Does Trusted Computing Remedy Computer Security Problems?
Found in: IEEE Security and Privacy
By Rolf Oppliger, Ruedi Rytz
Issue Date:March 2005
pp. 16-19
The authors examine whether trusted computing is likely to remedy the relevant security problems in PCs. They argue that although trusted computing has some merits, it neither provides a complete remedy nor is it likely to prevail in the PC mass market.
Digital Evidence: Dream and Reality
Found in: IEEE Security and Privacy
By Rolf Oppliger, Ruedi Rytz
Issue Date:September 2003
pp. 44-48
Digital evidence is inherently weak. New evidence-gathering technologies (digital black boxes) must be developed and deployed to support investigations of irreproducible events such as digitally signing a document.
Microsoft .NET Passport: A Security Analysis
Found in: Computer
By Rolf Oppliger
Issue Date:July 2003
pp. 29-35
Part of its .NET initiative, Microsoft's set of Web services includes .NET Passport, a password-based user authentication and single sign-in service. The system offers a simple and sufficiently secure alternative to privilege-management infrastruc...
Microsoft Outlook Web Access: Blessing or Bane to Security?
Found in: IT Professional
By Rolf Oppliger
Issue Date:January 2003
pp. 27-31
Employees working away from the office want Web access to e-mail. Provide this service in a Microsoft Exchange environment without putting sensitive information at risk.
Shaping the Research Agenda for Security in E-Commerce
Found in: Database and Expert Systems Applications, International Workshop on
By Rolf Oppliger
Issue Date:September 1999
pp. 810
In this paper, we overview the current state-of-the-art and future trends in network security and argue that the security requirements of electronic commerce (e-commerce) applications generally go beyond the more traditional requirements of network securi...
Security at the Internet Layer
Found in: Computer
By Rolf Oppliger
Issue Date:September 1998
pp. 43-47
Internet Protocol, version 6, was conceived with two main goals: increase address space and improve security, relative to IPv4. The community achieved the first goal by increasing the IP address length from 32 bits to 128 bits. To meet the second goal, the...
Internet Security Enters the Middle Ages
Found in: Computer
By Rolf Oppliger
Issue Date:October 1995
pp. 100-101
No summary available.
IT security: in search of the Holy Grail
Found in: Communications of the ACM
By Rolf Oppliger
Issue Date:February 2007
pp. 96-98
Approaching IT security as an engineering and management problem.
Certified mail: the next challenge for secure messaging
Found in: Communications of the ACM
By Rolf Oppliger
Issue Date:August 2004
pp. 75-79
The lack of evidence for message receipt is a missing piece of the infrastructure required for the more professional use of email.
Internet security: firewalls and beyond
Found in: Communications of the ACM
By Rolf Oppliger
Issue Date:January 1988
pp. 92-102
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.