Quantifying the value of SSL certification with web reputation metrics

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Abstract

    Protection in the Internet and World Wide Web is based on the Socket Secure Layer (SSL) protocol and certification authorities, who verify the identities of servers with SSL certificates. Trust in the Web is based on users' perception of sites' trustworthiness and privacy as well as knowledge of servers' monitored behavior. Community-based reputation systems enable users to share their views on servers' trustworthiness. In this paper, we provide a large-scale empirical analysis on the correlation of SSL certification and community-based reputation evaluations. By using publicly available global certificate and reputation databases, we study how availability of SSL support and properties of certificates correlates to users' perception of trust, dependability, and privacy. The paper proposes a metric for revealing the benefits that service providers gain from SSL certification in general, from authority selection, and from extended validation. The proposed reputation metric could provide a mean to quantify the users' valuation of security measures. Hence, it can be utilized when selecting and designing new web security mechanisms
    Original languageEnglish
    Title of host publicationProceedings of the Seventh International Conference on Internet Monitoring and Protection
    PublisherInternational Academy, Research, and Industry Association IARIA
    Pages7-12
    ISBN (Print)978-1-61208-201-1
    Publication statusPublished - 2012
    MoE publication typeA4 Article in a conference publication
    EventThe Seventh International Conference on Internet Monitoring and Protection, ICIMP 2012 - Stuttgart, Germany
    Duration: 27 May 20121 Jun 2012

    Conference

    ConferenceThe Seventh International Conference on Internet Monitoring and Protection, ICIMP 2012
    Abbreviated titleICIMP 2012
    CountryGermany
    CityStuttgart
    Period27/05/121/06/12

    Fingerprint

    World Wide Web
    Servers
    Computer systems
    Availability
    Internet
    Network protocols

    Keywords

    • Web security
    • web reputation
    • web of Trust
    • SSL
    • HTTPS
    • certification
    • correlation analysis

    Cite this

    Suomalainen, J. (2012). Quantifying the value of SSL certification with web reputation metrics. In Proceedings of the Seventh International Conference on Internet Monitoring and Protection (pp. 7-12). International Academy, Research, and Industry Association IARIA.
    Suomalainen, Jani. / Quantifying the value of SSL certification with web reputation metrics. Proceedings of the Seventh International Conference on Internet Monitoring and Protection. International Academy, Research, and Industry Association IARIA, 2012. pp. 7-12
    @inproceedings{01bdd4c5ad4f4246b5d8242011541f75,
    title = "Quantifying the value of SSL certification with web reputation metrics",
    abstract = "Protection in the Internet and World Wide Web is based on the Socket Secure Layer (SSL) protocol and certification authorities, who verify the identities of servers with SSL certificates. Trust in the Web is based on users' perception of sites' trustworthiness and privacy as well as knowledge of servers' monitored behavior. Community-based reputation systems enable users to share their views on servers' trustworthiness. In this paper, we provide a large-scale empirical analysis on the correlation of SSL certification and community-based reputation evaluations. By using publicly available global certificate and reputation databases, we study how availability of SSL support and properties of certificates correlates to users' perception of trust, dependability, and privacy. The paper proposes a metric for revealing the benefits that service providers gain from SSL certification in general, from authority selection, and from extended validation. The proposed reputation metric could provide a mean to quantify the users' valuation of security measures. Hence, it can be utilized when selecting and designing new web security mechanisms",
    keywords = "Web security, web reputation, web of Trust, SSL, HTTPS, certification, correlation analysis",
    author = "Jani Suomalainen",
    note = "Project code: 75161",
    year = "2012",
    language = "English",
    isbn = "978-1-61208-201-1",
    pages = "7--12",
    booktitle = "Proceedings of the Seventh International Conference on Internet Monitoring and Protection",
    publisher = "International Academy, Research, and Industry Association IARIA",
    address = "United States",

    }

    Suomalainen, J 2012, Quantifying the value of SSL certification with web reputation metrics. in Proceedings of the Seventh International Conference on Internet Monitoring and Protection. International Academy, Research, and Industry Association IARIA, pp. 7-12, The Seventh International Conference on Internet Monitoring and Protection, ICIMP 2012, Stuttgart, Germany, 27/05/12.

    Quantifying the value of SSL certification with web reputation metrics. / Suomalainen, Jani.

    Proceedings of the Seventh International Conference on Internet Monitoring and Protection. International Academy, Research, and Industry Association IARIA, 2012. p. 7-12.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    TY - GEN

    T1 - Quantifying the value of SSL certification with web reputation metrics

    AU - Suomalainen, Jani

    N1 - Project code: 75161

    PY - 2012

    Y1 - 2012

    N2 - Protection in the Internet and World Wide Web is based on the Socket Secure Layer (SSL) protocol and certification authorities, who verify the identities of servers with SSL certificates. Trust in the Web is based on users' perception of sites' trustworthiness and privacy as well as knowledge of servers' monitored behavior. Community-based reputation systems enable users to share their views on servers' trustworthiness. In this paper, we provide a large-scale empirical analysis on the correlation of SSL certification and community-based reputation evaluations. By using publicly available global certificate and reputation databases, we study how availability of SSL support and properties of certificates correlates to users' perception of trust, dependability, and privacy. The paper proposes a metric for revealing the benefits that service providers gain from SSL certification in general, from authority selection, and from extended validation. The proposed reputation metric could provide a mean to quantify the users' valuation of security measures. Hence, it can be utilized when selecting and designing new web security mechanisms

    AB - Protection in the Internet and World Wide Web is based on the Socket Secure Layer (SSL) protocol and certification authorities, who verify the identities of servers with SSL certificates. Trust in the Web is based on users' perception of sites' trustworthiness and privacy as well as knowledge of servers' monitored behavior. Community-based reputation systems enable users to share their views on servers' trustworthiness. In this paper, we provide a large-scale empirical analysis on the correlation of SSL certification and community-based reputation evaluations. By using publicly available global certificate and reputation databases, we study how availability of SSL support and properties of certificates correlates to users' perception of trust, dependability, and privacy. The paper proposes a metric for revealing the benefits that service providers gain from SSL certification in general, from authority selection, and from extended validation. The proposed reputation metric could provide a mean to quantify the users' valuation of security measures. Hence, it can be utilized when selecting and designing new web security mechanisms

    KW - Web security

    KW - web reputation

    KW - web of Trust

    KW - SSL

    KW - HTTPS

    KW - certification

    KW - correlation analysis

    M3 - Conference article in proceedings

    SN - 978-1-61208-201-1

    SP - 7

    EP - 12

    BT - Proceedings of the Seventh International Conference on Internet Monitoring and Protection

    PB - International Academy, Research, and Industry Association IARIA

    ER -

    Suomalainen J. Quantifying the value of SSL certification with web reputation metrics. In Proceedings of the Seventh International Conference on Internet Monitoring and Protection. International Academy, Research, and Industry Association IARIA. 2012. p. 7-12