Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
public:papers:spw2019 [2019-11-30 11:27] – created xukroppublic:papers:spw2019 [2022-01-04 18:27] (current) xukrop
Line 11: Line 11:
  
 {{fa>bullhorn}}\_//Conference:// [[https://www.cl.cam.ac.uk/events/spw/2019/|Security Protocols Workshop 2019]] {{fa>bullhorn}}\_//Conference:// [[https://www.cl.cam.ac.uk/events/spw/2019/|Security Protocols Workshop 2019]]
 +
 +\_{{fa>id-badge}}\_\_//DOI:// [[https://doi.org/10.1007/978-3-030-57043-9_25]]
 </TEXT> </TEXT>
 </col> </col>
Line 17: Line 19:
 <TEXT align="right"> <TEXT align="right">
  
-<popover trigger="focus" title="Not yet available" content="Publication in progress."> +<button type="warning" icon="fa fa-file-pdf-o">[[https://crocs.fi.muni.cz/_media/publications/pdf/2019-spw-kraus.pdf|Pre-print PDF]]</button>
-<button type="warning" icon="fa fa-file-pdf-o">Pre-print PDF</button+
-</popover>+
 \_ \_
 <popover trigger="focus" title="Not yet available" content="Presentation will be added soon."> <popover trigger="focus" title="Not yet available" content="Presentation will be added soon.">
Line 35: Line 35:
     Author        = {Lydia Kraus and Martin Ukrop and Vashek Matyas and Tobias Fiebig},     Author        = {Lydia Kraus and Martin Ukrop and Vashek Matyas and Tobias Fiebig},
     BookTitle     = {27th International Workshop on Security Protocols (SPW 2019)},     BookTitle     = {27th International Workshop on Security Protocols (SPW 2019)},
-    Year          = {2019}, +    Year          = {2020}, 
-    Publisher     = {Forthcoming}, +    Publisher     = {Springer International Publishing}, 
-    crocsweb      = {https://crocs.fi.muni.cz/papers/spw2019}, +    Pages         = {267--280}, 
-    Keywords      = {usablesec},+    DOI           = {10.1007/978-3-030-57043-9_25},
   }   }
 </collapse> </collapse>
Line 45: Line 45:
 The creation of the World Wide Web (WWW) in the early 1990’s finally made the Internet accessible to a wider part of the population. With this increase in users, security became more important. To address confidentiality and integrity requirements on the web, Netscape—by then a major web browser vendor—presented the Secure Socket Layer (SSL), later versions of which were renamed to Transport Layer Security (TLS). In turn, this necessitated the introduction of both security indicators in browsers to inform users about the TLS connection state and also of warnings to inform users about potential errors in the TLS connection to a website. Looking at the evolution of indicators and warnings, we find that the qualitative data on security indicators and warnings, i.e., screen shots of different browsers over time is inconsistent. Hence, in this paper we outline our methodology for collecting a comprehensive data set of web browser security indicators and warnings, which will enable researchers to better understand how security indicators and TLS warnings in web browsers evolved over time. The creation of the World Wide Web (WWW) in the early 1990’s finally made the Internet accessible to a wider part of the population. With this increase in users, security became more important. To address confidentiality and integrity requirements on the web, Netscape—by then a major web browser vendor—presented the Secure Socket Layer (SSL), later versions of which were renamed to Transport Layer Security (TLS). In turn, this necessitated the introduction of both security indicators in browsers to inform users about the TLS connection state and also of warnings to inform users about potential errors in the TLS connection to a website. Looking at the evolution of indicators and warnings, we find that the qualitative data on security indicators and warnings, i.e., screen shots of different browsers over time is inconsistent. Hence, in this paper we outline our methodology for collecting a comprehensive data set of web browser security indicators and warnings, which will enable researchers to better understand how security indicators and TLS warnings in web browsers evolved over time.
 </panel> </panel>
 +
 +===== Further research =====
 +
 +Based on the ideas presented in this paper, we started developing a tool for automatic collection of SSL/TLS warnings and errors in different browser. The tool under development can be found on the lab's GitHub profile.
 +
 +<button type="primary" icon="fa fa-github">[[https://github.com/crocs-muni/tls-warning-collector|TLS warning collector]]</button>