Using Architecture and Abstractions to Design a Security Layer for TLS - USENIX Enigma 2019
Offered By: USENIX Enigma Conference via YouTube
Course Description
Overview
Explore a comprehensive analysis of TLS security architecture and abstractions in this USENIX Enigma Conference talk. Delve into the challenges developers face when implementing TLS correctly and discover a proposed solution through a security layer fitting into the Internet architecture. Learn about the POSIX socket API as a simple abstraction for TLS interface and understand its implications for developers, administrators, and OS vendors. Examine the benefits of centralized, well-tested services for creating secure applications and enforcing best practices through system policies. Gain insights into simplifying complex aspects of TLS, including certificate validation and client authentication. Access code examples for the security layer and application demonstrations to further explore this innovative approach to enhancing TLS implementation and security.
Syllabus
Intro
What's Being Done to Fix This?
A Security Layer for TLS
POSIX Socket API Abstraction
Secure Socket API
Separation of Concerns
Configuration Instead of Implementation
Centralization
No Discernible Overhead
No problem...
Client Authentication Architecture
Client Authentication, Step-by-step
Automated Certificates at Registration
Let's Authenticate
Architecture is the Holy Grail
Continue the Quest
Taught by
USENIX Enigma Conference
Related Courses
Adventures in Authentication and AuthorizationUSENIX Enigma Conference via YouTube Navigating the Sandbox Buffet
USENIX Enigma Conference via YouTube Meaningful Hardware Privacy for a Smart and Augmented Future
USENIX Enigma Conference via YouTube Working on the Frontlines - Privacy and Security with Vulnerable Populations
USENIX Enigma Conference via YouTube Myths and Lies in InfoSec
USENIX Enigma Conference via YouTube