- Research Article
- Open access
- Published:
Multiple-Channel Security Architecture and its Implementation over SSL
EURASIP Journal on Wireless Communications and Networking volume 2006, Article number: 085495 (2006)
Abstract
This paper presents multiple-channel SSL (MC-SSL), an architecture and protocol for protecting client-server communications. In contrast to SSL, which provides a single end-to-end secure channel, MC-SSL enables applications to employ multiple channels, each with its own cipher suite and data-flow direction. Our approach also allows for several partially trusted application proxies. The main advantages of MC-SSL over SSL are (a) support for end-to-end security in the presence of partially trusted proxies, and (b) selective data protection for achieving computational efficiency important to resource-constrained clients and heavily loaded servers.
References
Dierks T, Allen C: The TLS Protocol Version 1.0. RFC 2246, January 1999
Schneier B: Applied Cryptography. 2nd edition. John Wiley & Sons, New York, NY, USA; 1996.
Rhee MY: Internet Security : Cryptographic Principles, Algorithms and Protocols. John Wiley & Sons, New York, NY, USA; 2003.
WAP Forum WAP 2.0 Specifications, http://www.openmobilealliance.org/
Ravi S, Raghunathan A, Potlapally N: Securing wireless data: system architecture challenges. Proceedings of the International Symposium on System Synthesis, October 2002, Kyoto, Japan 195-200.
Lee J, Leung VCM, Beznosov K: Analysis of scalable security–MC-SSL savings. In Tech. Rep. LERSSE-TR-2005-02. Laboratory for Education and Research in Secure Systems Engineering (LERSSE), University of British Columbia, Vancouver, BC, Canada; October 2005.
Portmann M, Seneviratne A: Selective security for TLS. Proceedings of the 9th IEEE International Conference on Networks (ICON '01), October 2001, Bangkok, Thailand 216-221.
Kennedy DJ: An architecture for secure, client-driven deployment of application-specific proxies, M.S. thesis. University of Waterloo, Waterloo, Ontario, Canada; 2000.
Kwon EK, Cho YG, Chae KJ: Integrated transport layer security: end-to-end security model between WTLS and TLS. Proceedings of 15th International Conference on Information Networking, January-February 2001, Oita, Japan 65-71.
W3C XML Signature Recommendations, February 2002, http://www.w3.org/Signature/
W3C XML Encryption Recommendations, December 2002, http://www.w3.org/Encryption/
OASIS Open : Web Services Security: SOAP Message Security. , August 2003 http://www.oasis-open.org/committees/documents.php?wg_abbrev=wss
OASIS Open : Web Services Security X.509 Certificate Token Profile. working draft 11, October 2003, http://www.oasis-open.org/committees/documents.php?wg_abbrev=wss
OASIS Open : Web Services Security Kerberos Certificate Token Profile. working draft 03, January 2003, http://www.oasis-open.org/committees/documents.php?wg_abbrev=wss
OASIS Open : Web Services Security Username Token Profile. working draft 04, October 2003, http://www.oasis-open.org/committees/documents.php?wg_abbrev=wss
Lesniewski-Laas C, Frans Kaashoek M: SSL splitting: securely serving data from untrusted caches. Proceedings of the 12th USENIX Security Symposium, August 2003, Washington, DC, USA 187-200.
W3C HTML 4.01, December 1999, http://www.w3.org/TR/html4/
W3C XHTML 2.0, July 2004, http://www.w3.org/TR/xhtml2/
Kiczales G, Lamping J, Mendhekar A, et al.: Aspect-oriented programming. Proceedings of the 11th European Conference on Object-Oriented Programming, June 1997, Jyvaskyla, Finland 220-242.
Song Y: Multiple-channel security model and its implementation over SSL, M.S. thesis. University of British Columbia, Vancouver, BC, Canada; 2004. http://lersse-dl.ece.ubc.ca/search.py?recid=94
OpenSSL Project 2004.http://www.openssl.org/
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License ( https://creativecommons.org/licenses/by/2.0 ), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
About this article
Cite this article
Song, Y., Beznosov, K. & Leung, V.C.M. Multiple-Channel Security Architecture and its Implementation over SSL. J Wireless Com Network 2006, 085495 (2006). https://doi.org/10.1155/WCN/2006/85495
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1155/WCN/2006/85495