Secure deployment of HTTPS: Analysis and open challenges

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Focardi, Riccardo it_IT
dc.contributor.author Soligo, Lorenzo <1996> it_IT
dc.date.accessioned 2020-07-14 it_IT
dc.date.accessioned 2020-09-24T12:04:04Z
dc.date.available 2020-09-24T12:04:04Z
dc.date.issued 2020-07-28 it_IT
dc.identifier.uri http://hdl.handle.net/10579/17659
dc.description.abstract Users on the Internet unknowingly rely on HTTPS, a protocol whose goal is to cryptographically secure the communication between users and websites by providing confidentiality and integrity. HTTPS relies on the SSL/TLS protocols, but many versions and implementations of these protocols exist and some of them have been proven to be vulnerable to malign attackers. Furthermore, the communication's security depends on other key factors related to a wider application of security best-practices on the web pages: restrictions on the entities that can run code or access cookies, enforcement of the usage of HTTPS, and many more. In this thesis we analyze the state and security of the HTTPS deployment of the most visited websites for different categories, considering the overall quality of the deployment by evaluating many key aspects. We carry out an analysis that takes into account the usage of HTTPS itself, the quality of HTTPS certificates, the security of the SSL/TLS implementation used, the presence of server-side cryptographic vulnerabilities, and the adoption of other modern techniques to enforce security. Finally, we analyze the obtained results and draw some conclusions on the overall state of the HTTPS deployments analyzed. One of the main goals of this work is to raise awareness on the importance of a careful deployment of HTTPS, thus encouraging site operators to keep cryptographic stacks updated and enforce strict security guidelines. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Lorenzo Soligo, 2020 it_IT
dc.title Secure deployment of HTTPS: Analysis and open challenges it_IT
dc.title.alternative Secure deployment of HTTPS: Analysis and open challenges it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2019/2020 - Sessione Estiva it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 875566 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend it_IT
dc.provenance.upload Lorenzo Soligo (875566@stud.unive.it), 2020-07-14 it_IT
dc.provenance.plagiarycheck Riccardo Focardi (focardi@unive.it), 2020-07-27 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record