Quantifying the value of SSL certification with web reputation metrics

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Abstract

    Protection in the Internet and World Wide Web is based on the Socket Secure Layer (SSL) protocol and certification authorities, who verify the identities of servers with SSL certificates. Trust in the Web is based on users' perception of sites' trustworthiness and privacy as well as knowledge of servers' monitored behavior. Community-based reputation systems enable users to share their views on servers' trustworthiness. In this paper, we provide a large-scale empirical analysis on the correlation of SSL certification and community-based reputation evaluations. By using publicly available global certificate and reputation databases, we study how availability of SSL support and properties of certificates correlates to users' perception of trust, dependability, and privacy. The paper proposes a metric for revealing the benefits that service providers gain from SSL certification in general, from authority selection, and from extended validation. The proposed reputation metric could provide a mean to quantify the users' valuation of security measures. Hence, it can be utilized when selecting and designing new web security mechanisms
    Original languageEnglish
    Title of host publicationProceedings of the Seventh International Conference on Internet Monitoring and Protection
    PublisherInternational Academy, Research, and Industry Association IARIA
    Pages7-12
    ISBN (Print)978-1-61208-201-1
    Publication statusPublished - 2012
    MoE publication typeA4 Article in a conference publication
    EventThe Seventh International Conference on Internet Monitoring and Protection, ICIMP 2012 - Stuttgart, Germany
    Duration: 27 May 20121 Jun 2012

    Conference

    ConferenceThe Seventh International Conference on Internet Monitoring and Protection, ICIMP 2012
    Abbreviated titleICIMP 2012
    CountryGermany
    CityStuttgart
    Period27/05/121/06/12

      Fingerprint

    Keywords

    • Web security
    • web reputation
    • web of Trust
    • SSL
    • HTTPS
    • certification
    • correlation analysis

    Cite this

    Suomalainen, J. (2012). Quantifying the value of SSL certification with web reputation metrics. In Proceedings of the Seventh International Conference on Internet Monitoring and Protection (pp. 7-12). International Academy, Research, and Industry Association IARIA. http://thinkmind.org/index.php?view=article&articleid=icimp_2012_1_20_30027