skip to main content
10.1145/3532105.3535042acmconferencesArticle/Chapter ViewAbstractPublication PagessacmatConference Proceedingsconference-collections
demonstration

Demo: TLSAssistant v2: A Modular and Extensible Framework for Securing TLS

Published:08 June 2022Publication History

ABSTRACT

To grasp the security implications of the various TLS configuration options, system administrators and app developers must be familiar with a wide range of concepts, including cryptography. To assist users in this task, we propose TLSAssistant- a modular and extensible framework designed to streamline the discovery and mitigation of potential vulnerabilities in TLS deployments. This demo will focus on two of the four available analysis types.

References

  1. AgID - Agenzia per l'Italia digitale. 2022. Il catalogo del software open source a disposizione della Pubblica Amministrazione. https://developers.italia.it/it/software.Google ScholarGoogle Scholar
  2. Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben, and Matthew Smith. 2012. Why Eve and Mallory Love Android: An Analysis of Android SSL (in)Security. In Proceedings of the 2012 ACM Conference on Computer and Communications Security. 50--61. https://doi.org/10.1145/2382196.2382205Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl. 2017. "I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/krombholz. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 1339--1356.Google ScholarGoogle Scholar
  4. Salvatore Manfredi, Mariano Ceccato, Silvio Ranise, and Giada Sciarretta. 2021. Do Security Reports Meet Usability? -- Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations. https://doi.org/10.1145/3465481.3469187Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Bodo Möller, Thai Duong, and Krzysztof Kotowicz. 2014. This POODLE Bites: Exploiting The SSL 3.0 Fallback http://www.bmoeller.de/pdf/ssl-poodle.pdf.Google ScholarGoogle Scholar
  6. Security and Trust Research Unit. 2022. TLSAssistant. https://github.com/stfbk/tlsassistant.Google ScholarGoogle Scholar
  7. Security and Trust Research Unit. 2022. TLSAssistant. https://st.fbk.eu/tools/TLSAssistant.Google ScholarGoogle Scholar

Index Terms

  1. Demo: TLSAssistant v2: A Modular and Extensible Framework for Securing TLS

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in
      • Published in

        cover image ACM Conferences
        SACMAT '22: Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies
        June 2022
        282 pages
        ISBN:9781450393577
        DOI:10.1145/3532105

        Copyright © 2022 Owner/Author

        Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 8 June 2022

        Check for updates

        Qualifiers

        • demonstration

        Acceptance Rates

        Overall Acceptance Rate177of597submissions,30%

        Upcoming Conference

        SACMAT 2024
      • Article Metrics

        • Downloads (Last 12 months)25
        • Downloads (Last 6 weeks)1

        Other Metrics

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader