Skip to Main content Skip to Navigation
Conference papers

A Socio-technical Understanding of TLS Certificate Validation

Abstract : To authenticate a web server, modern browsers check whether a TLS certificate is valid. This check is socio-technical because, when the technical validation fails, it may request the user to decide, intertwining the usual technical issues with social elements, such as trust and cultural values. Hence the need for a methodology aimed at a socio-technical understanding of TLS certificate validation. This aim is demanding not only due to user participation but also because browsers behave differently. An innovative methodology is outlined and demonstrated on the four market-leader browsers, Chrome, Internet Explorer, Firefox and Opera Mini. It involves modelling in UML the multi-layered interactions among servers, browsers, and users and then translating them into a formal language amenable to model checking socio-technical security properties.
Document type :
Conference papers
Complete list of metadata

Cited literature [7 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, February 15, 2017 - 11:38:55 AM
Last modification on : Friday, November 8, 2019 - 3:06:02 PM
Long-term archiving on: : Tuesday, May 16, 2017 - 1:08:06 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Giampaolo Bella, Rosario Giustolisi, Gabriele Lenzini. A Socio-technical Understanding of TLS Certificate Validation. 7th Trust Management (TM), Jun 2013, Malaga, Spain. pp.281-288, ⟨10.1007/978-3-642-38323-6_23⟩. ⟨hal-01468204⟩



Record views


Files downloads