Abstract
Web access involves various protocols to resolve domain names to IP addresses, establish data exchange channels with Web servers, and to authenticate communication partners. Each protocol has its own set of requirements and security measures. In addition to technical features, operating the Web also introduces organizational and political aspects which are important to consider when deploying a secure basis for Web-based communication. In this paper, we propose an algorithmic security model based on the widely deployed technologies DNS(SEC) and Web PKI to cover the three dimensions identification , resolution , and transaction . Our model enables quantification and qualification of the security assurance provided by an online service provider. To verify the applicability of our model, we investigate the online presence of Alerting Authorities in the U.S., selected German Emergency Service providers, and UN member states . We observe partially enhanced security relative to global Internet trends, yet find cause for concern as only about 6% of unique hosts cater to secure resolution. About 46% of investigated organizations use shared certificates with 1% of all organizations having no or invalid certificates. Two thirds of organizations are not uniquely identifiable and as such lack the basic requirement of trustworthy communication.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
