How Kournikova can help to steal data?
In: Proceedings of FIKUSZ '12
AbstractAs not only the amount of data stored digitally in computers but our dependency of these data, too, increases day by day it is of critical importance to prevent unathorized data accesses. To gain access to other parties' data and, on the other hand, make it as hard as possible is (and has always been) a heavy fight between the data owners and the spies, only the tools have changed since ancient times. Https has become part of our everyday life as an excellent arm to protect the sensitive data of confidential communications from accessing our gmail mailbox to netbanking. Https is based on a two-key encryption standard which, according to the publicly known results of mathematics, cannot be attacked directly. In theory. In practice there exist roundabouts. In this paper I show a possible and low cost technical-organisational solution of such an attack which could be performed because of some malpractice of IT-managers: manipulation of top level certificates.
Download InfoIf you experience problems downloading a file, check if you have the proper application to view it first. In case of further problems read the IDEAS help page. Note that these files are not on the IDEAS site. Please be patient as the files may be large.
This chapter was published in: Pál Michelberger (ed.) Proceedings of FIKUSZ '12, , pages 161-170, 2012.
This item is provided by Óbuda University, Keleti Faculty of Business and Management in its series Proceedings of FIKUSZ '12 with number 161-170.
data security; certificates; manipulating top level certificates;
Find related papers by JEL classification:
- M31 - Business Administration and Business Economics; Marketing; Accounting - - Marketing and Advertising - - - Marketing
- M37 - Business Administration and Business Economics; Marketing; Accounting - - Marketing and Advertising - - - Advertising
You can help add them by filling out this form.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Alexandra Vécsey).
If references are entirely missing, you can add them using this form.