Server Location Verification (SLV) and Server Location Pinning

Abstract: We introduce the first known mechanism providing realtime server location verification. Its uses include enhancing server authentication (e.g., augmenting TLS) by enabling browsers to automatically interpret server location information. We describe the design of this new measurement-based technique, Server Location Verification (SLV), and evaluate it using PlanetLab. We explain how SLV is compatible with the increasing trends of geographically distributed content dissemination over the Internet, without causin… Show more

“…The browser can either perform automatic verification (e.g., during the TLS handshake) of the location information or directly display it to the user. Abdou and van Oorschot proposed similar methods of augmenting TLS by actively estimating website locations using delay-based measurements from multiple locations [2]. These approaches leverage the uniqueness and verifiability of private web server locations to supplement existing server authentication.…”

“…Since we are investigating users' involvement with location information, we inherit the same attacker model proposed in related work on TLS [11] and website location authentication [2], [39]. Specifically, we assume that the attacker is able to impersonate the server by compromising its public key certificate, e.g., by obtaining a fraudulent certificate from a compromised CA or learning the server's private key.…”

“…Based on our qualitative analysis, we developed a set of design requirements for our location tool, LocationWatch. LocationWatch is intended to act as a visual indicator to inform users about the result of server location verification, envisioned to use recently-proposed methods [2], [39]. We implemented LocationWatch as a Chrome extension featuring a flag indicator, a location tip, and a warning message.…”

“…We defined task completion as having logged into the web service and completed the given task. We encoded completed tasks as 1, and uncompleted tasks 2 The notches in the box plots represent the 95% confidence intervals around the median. When the intervals fall outside the 1 st or 3 rd quartiles, the notches extend beyond the box.…”

“…Recent research on strengthening server authentication has proposed using the servers geographic location as an additional trust factor [2], [39]. These proposals integrate web server location into the TLS protocol to increase the security of server authentication, but they require the user to assess and decide whether these locations are trustworthy in situations where the protocol fails (similar to current implementations of certificates).…”

Exploring Website Location as a Security Indicator

“…The browser can either perform automatic verification (e.g., during the TLS handshake) of the location information or directly display it to the user. Abdou and van Oorschot proposed similar methods of augmenting TLS by actively estimating website locations using delay-based measurements from multiple locations [2]. These approaches leverage the uniqueness and verifiability of private web server locations to supplement existing server authentication.…”

“…Since we are investigating users' involvement with location information, we inherit the same attacker model proposed in related work on TLS [11] and website location authentication [2], [39]. Specifically, we assume that the attacker is able to impersonate the server by compromising its public key certificate, e.g., by obtaining a fraudulent certificate from a compromised CA or learning the server's private key.…”

“…Based on our qualitative analysis, we developed a set of design requirements for our location tool, LocationWatch. LocationWatch is intended to act as a visual indicator to inform users about the result of server location verification, envisioned to use recently-proposed methods [2], [39]. We implemented LocationWatch as a Chrome extension featuring a flag indicator, a location tip, and a warning message.…”

“…We defined task completion as having logged into the web service and completed the given task. We encoded completed tasks as 1, and uncompleted tasks 2 The notches in the box plots represent the 95% confidence intervals around the median. When the intervals fall outside the 1 st or 3 rd quartiles, the notches extend beyond the box.…”

“…Recent research on strengthening server authentication has proposed using the servers geographic location as an additional trust factor [2], [39]. These proposals integrate web server location into the TLS protocol to increase the security of server authentication, but they require the user to assess and decide whether these locations are trustworthy in situations where the protocol fails (similar to current implementations of certificates).…”

Exploring Website Location as a Security Indicator

A lightweight and cost effective edge intelligence architecture based on containerization technology

Docker based Intelligent Fall Detection using Edge-Fog Infrastructure