Supporting End-to-end security Across Proxies with Multiple-channel SSL

Yong Song ; Victor C.M. Leung ; Konstantin Beznosov

16 October 2005

Abstract: Secure Socket Layer (SSL) has functional limitations that prevent end-to-end security in the presence of untrusted intermediary application proxies used by clients to communicate with servers. This paper introduces Multiple-Channel SSL (MC-SSL), an extension of SSL, and describes and analyzes the design of MC-SSL proxy channel protocol that enables the support for end-to-end security of client-server communications in the presence of application proxies. MC-SSL is able to securely negotiate multiple virtual channels with different security characteristics including application proxy and cipher suite.

Keyword(s): MC-SSL ; SSL ; mobile security ; TLS ; network security ; proxy

Published in: Yong Song, Victor C.M. Leung, and Konstantin Beznosov. Supporting end-to-end security across proxies with multiple-channel SSL. In Proceedings of the 19th IFIP International Information Security Conference, pages 246–253, Toulouse, France, 23-26 August 2004.:

