Authoritative SSL Auditor

Abstract

The Authoritative SSL Auditor provides evidence on demand of any interaction over the network. It is a completely self-contained and absolutely passive device, yielding very low total cost of ownership and very low impact on running applications. It records both unencrypted and encrypted network interactions, then signs them with a US Government certified hardware security module. This process creates extremely strong evidence for unencrypted traffic and practically unimpeachable evidence for encrypted traffic. Because the original network communications is its source, the ASA reflects what actually happened instead of what a particular system thinks happened.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jul 01, 2006
Accession Number
ADA457576

Entities

People

  • Eric Rescoria
  • Kevin Dick

Tags

Communities of Interest

  • Human Systems
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Application Software
  • Commerce
  • Contracts
  • Data Centers
  • Databases
  • Decoding
  • Department Of Homeland Security
  • Engineers
  • Governments
  • Homeland Security
  • Information Processing
  • Information Systems
  • Lessons Learned
  • Security
  • Standards
  • User Interface

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Financial Management and Audit.
  • Educational Psychology