DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM
In this research, a digital certificate management system has been developed on iOS devices to address certificate agility costs in certificate pinning. Certificate pinning is a mechanism that matches digital certificates in software with digital certificates on a remote server, allowing communic...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/77857 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| id |
id-itb.:77857 |
|---|---|
| spelling |
id-itb.:778572023-09-15T03:36:36ZDEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM Bagus Dananjaya, Daru Indonesia Final Project In this research, a digital certificate management system has been developed on iOS devices to address certificate agility costs in certificate pinning. Certificate pinning is a mechanism that matches digital certificates in software with digital certificates on a remote server, allowing communication to occur only between trusted parties to prevent man-in-the-middle attacks. However, the certificate pinning mechanism has a drawback known as certificate agility costs, which is a process that developers must regularly perform to update digital certificates in the application bundle to remain synchronized with the versions on the remote server. The management of digital certificates on local devices is accomplished by utilizing a different remote server to dynamically store fingerprints of the managed certificates. By employing this approach, the application can periodically update to stay up-to-date with the list of fingerprints on the remote server. In the final development phase, functionality testing of the system and usage testing on native software on the iOS platform were conducted. Based on the testing results, the system can address certificate agility costs in SSL pinning, although there are still administrative tasks that developers need to perform periodically to keep the list of fingerprints on the remote server up- to-date. This solution can eliminate the risk of adverse user experiences when users do not update during certificate rotation, thus preventing the application from becoming unusable. Additionally, it protects software from man-in-the-middle attacks conducted through SSL Proxying with the Charles Proxy tool. INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/77857 In this research, a digital certificate management system has been developed on iOS devices to address certificate agility costs in certificate pinning. Certificate pinning is a mechanism that matches digital certificates in software with digital certificates on a remote server, allowing communication to occur only between trusted parties to prevent man-in-the-middle attacks. However, the certificate pinning mechanism has a drawback known as certificate agility costs, which is a process that developers must regularly perform to update digital certificates in the application bundle to remain synchronized with the versions on the remote server. The management of digital certificates on local devices is accomplished by utilizing a different remote server to dynamically store fingerprints of the managed certificates. By employing this approach, the application can periodically update to stay up-to-date with the list of fingerprints on the remote server. In the final development phase, functionality testing of the system and usage testing on native software on the iOS platform were conducted. Based on the testing results, the system can address certificate agility costs in SSL pinning, although there are still administrative tasks that developers need to perform periodically to keep the list of fingerprints on the remote server up- to-date. This solution can eliminate the risk of adverse user experiences when users do not update during certificate rotation, thus preventing the application from becoming unusable. Additionally, it protects software from man-in-the-middle attacks conducted through SSL Proxying with the Charles Proxy tool. text |
| institution |
Institut Teknologi Bandung |
| building |
Institut Teknologi Bandung Library |
| continent |
Asia |
| country |
Indonesia Indonesia |
| content_provider |
Institut Teknologi Bandung |
| collection |
Digital ITB |
| language |
Indonesia |
| description |
In this research, a digital certificate management system has been developed on iOS
devices to address certificate agility costs in certificate pinning. Certificate pinning
is a mechanism that matches digital certificates in software with digital certificates
on a remote server, allowing communication to occur only between trusted parties
to prevent man-in-the-middle attacks. However, the certificate pinning mechanism
has a drawback known as certificate agility costs, which is a process that developers
must regularly perform to update digital certificates in the application bundle to
remain synchronized with the versions on the remote server. The management of
digital certificates on local devices is accomplished by utilizing a different remote
server to dynamically store fingerprints of the managed certificates. By employing
this approach, the application can periodically update to stay up-to-date with the list
of fingerprints on the remote server. In the final development phase, functionality
testing of the system and usage testing on native software on the iOS platform were
conducted. Based on the testing results, the system can address certificate agility
costs in SSL pinning, although there are still administrative tasks that developers
need to perform periodically to keep the list of fingerprints on the remote server up-
to-date. This solution can eliminate the risk of adverse user experiences when users
do not update during certificate rotation, thus preventing the application from
becoming unusable. Additionally, it protects software from man-in-the-middle
attacks conducted through SSL Proxying with the Charles Proxy tool. |
| format |
Final Project |
| author |
Bagus Dananjaya, Daru |
| spellingShingle |
Bagus Dananjaya, Daru DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM |
| author_facet |
Bagus Dananjaya, Daru |
| author_sort |
Bagus Dananjaya, Daru |
| title |
DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM |
| title_short |
DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM |
| title_full |
DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM |
| title_fullStr |
DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM |
| title_full_unstemmed |
DEVELOPMENT OF DIGITAL CERTIFICATE MANAGEMENT SYSTEM ON IOS DEVICES TO ADDRESS CERTIFICATE AGILITY COSTS IN CERTIFICATE PINNING MECHANISM |
| title_sort |
development of digital certificate management system on ios devices to address certificate agility costs in certificate pinning mechanism |
| url |
https://digilib.itb.ac.id/gdl/view/77857 |
| _version_ |
1822008396580126720 |