Introduction to HTTP security headers and implementation of HTTP strict transport security (HSTS) header for HTTPS enforcing

Title: Introduction to HTTP security headers and implementation of HTTP strict transport security (HSTS) header for HTTPS enforcing
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Dolnák, I., Litvik, J.
Conference Name: 2017 15th International Conference on Emerging eLearning Technologies and Applications (ICETA)
Keywords: Browsers, communication security, Computer crime, HSTS, HTTP protocol, HTTP strict transport security header, HTTPS protocol, Human Behavior, hypermedia, Internet, Internet of Things, IoT, Metrics, Protocols, pubcrawl, Resiliency, security, security of data, security policies, SSL-TLS certificates, transport protocols, Web Browser Security, Web browsers, Web servers, Web sites
Abstract

This article presents an introduction to HTTP Security Headers, a new security topic in communication over the Internet. It is emphasized that the HTTPS protocol and SSL/TLS certificates alone do not offer a sufficient level of security for communication among people and devices. In the world of web applications and the Internet of Things (IoT), it is vital to bring communication security to a higher level, which could be realised via a few simple steps. HTTP Response Headers, used for different purposes in the past, are now an effective way to propagate security policies from servers to clients (from web servers to web browsers). The first improvement is enforcing the HTTPS protocol for communication everywhere it is possible and promoting this protocol as the first and only option for secure connection over the Internet. It is emphasized that the HTTP protocol is no longer suitable for communication.

URL: https://ieeexplore.ieee.org/document/8102478/
DOI: 10.1109/ICETA.2017.8102478
Citation Key: dolnak_introduction_2017