1.
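On April 8, 2014, a severe security vulnerability named Heartbleed was disclosed in OpenSSL's cryptographic code. By exploiting it, an attacker who has modified the client-side OpenSSL code can read up to 64 KB of data from memory beyond the requested storage location. This memory may contain certificate private keys, usernames and passwords, chat messages, e-mails, important business documents, communications and other data. At present, the login services of the vast majority of e-commerce and online payment sites are built using OpenSSL, so the vulnerability has a far-reaching impact. Studying, analysing and fixing this vulnerability as early as possible is therefore the top priority for the entire security field.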
2.
田兴 《电脑与微电子技术》2014,(2):30-32,71
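This paper describes how to implement digital signing and signature verification with OpenSSL, focusing on the processing flow of both operations. Through comparative experiments, it identifies several characteristics of digital signature schemes and analyses in particular how the algorithm and the public-key algorithm affect the efficiency of a digital signature scheme, offering suggestions for improving the use of digital signatures in practical communication security.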
3.
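The virtual private network (VPN) is rapidly becoming the most widely used method for remote access applications. The Secure Sockets Layer (SSL) protocol is used to protect data in transit and has become a de facto industry standard. The combination of the two, SSL VPN (Secure Socket Layer Virtual Private Network), is becoming a focus of the secure remote access market. After analysing and comparing three different SSL VPN implementation approaches, an SSL VPN server was designed and implemented using OpenSSL and Zebra. The design uses tunnel connections and can give an enterprise full network access without changes to applications.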
4.
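VNC is widely used in network computing thanks to its true thin-client technology and platform independence, but weaknesses in its network security make it hard to use in enterprise application service systems. Based on an analysis of VNC's security mechanisms, a solution is proposed and implemented using the cryptographic algorithm library provided in OpenSSL.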
5.
Public key certificates (PKCs) are used nowadays in several security protocols and applications, so as to secure data exchange via transport layer security channels, or to protect data at the application level by means of digital signatures. However, many security applications often fail to manage properly the PKCs, in particular when checking their validity status. These failures are partly due to the lack of experience (or training) of the users who configure these applications or protocols, and partly due to the scarce support offered by some common cryptographic libraries to the application developers. This paper describes the design and implementation of a light middleware dealing with certificate validation in a unified way. Our middleware exploits on one side the libraries that have already been defined or implemented for certificate validation, and it constructs a thin layer, which provides flexibility and security features to the upper layer applications. In our current approach, this layer boasts an integrated approach to support various certificate revocation mechanisms, it protects the applications from some common security attacks, and offers several configuration and performance options to the programmers and to the end users. We describe the architecture of this approach as well as its practical implementation in the form of a library based on the famous OpenSSL security library, and that can be easily integrated with other certificate‐aware security applications. Copyright © 2009 John Wiley & Sons, Ltd.
6.
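Design and Implementation of an Asynchronous Message-Driven Secure Communication Module (total citations: 1, self-citations: 0, citations by others: 1)
To secure data transmission in a multi-parameter patient monitoring data aggregation system, a high-performance secure communication module was designed and implemented. An asynchronous socket event demultiplexing and dispatching framework was built on the WSAAsyncSelect I/O model, the Secure Sockets Layer protocol was used to keep data transmission secure and reliable, and polymorphism was used to improve the module's extensibility. Finally, a data aggregation communication system was implemented on the Win32 platform as an example, and testing verified the security...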
7.
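SSL is a cryptographic protocol that provides secure communication over the Internet. Based on an analysis of the SSL protocol and the principles of man-in-the-middle attacks, a man-in-the-middle attack was implemented with the OpenSSL development library, including session hijacking, forging of public-key certificates, and forwarding of data, providing suggestions and a reference for users on using the SSL protocol securely.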
8.
SSL/TLS validations such as certificate and public key pinning can reinforce the security of encrypted communications between Internet-of-Things devices and remote servers, and ensure the privacy of users. However, such implementations complicate forensic analysis and detection of information disclosure; say, when a mobile app breaches user’s privacy by sending sensitive information to third parties. Therefore, it is crucial to develop the capacity to vet mobile apps augmenting the security of SSL/TLS traffic. In this paper, we propose a technique to bypass the system’s default certificate validation as well as built-in SSL/TLS validations performed in iOS apps. We then demonstrate its utility by analysing 40 popular iOS social networking, electronic payment, banking, and cloud computing apps.
9.
郝立峰 《计算机应用与软件》2011,(9)
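Considering the characteristics of information security in embedded systems, the elliptic curve public-key cryptosystem ECC (Elliptic Curves Cryptosystem) was chosen as the encryption and decryption scheme, and the open-source security toolkit OpenSSL was used as the cryptographic library to develop an encryption and decryption system. Two commonly used elliptic curve cryptosystem algorithms, EC-ELGamal and Menezes-Vanstone, are described in detail. Complete encryption and decryption systems for both algorithms were developed on the arm-linux platform, and their strengths and weaknesses were compared and analysed in practical use. The analysis shows that EC-ELGamal and Menezes-Vanstone each have application areas for which they are suited. Practice shows that OpenSSL offers considerable ease of use and generality for designing encryption systems on arm-linux and other types of embedded platforms.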
10.