What's SSL Certificate?

Total Page:16

File Type:pdf, Size:1020Kb

What's SSL Certificate? SSL Certificates FAQ Product Introduction FAQ Product Introduction Copyright Notice ©2013-2017 Tencent Cloud. All rights reserved. Copyright in this document is exclusively owned by Tencent Cloud. You must not reproduce, modify, copy or distribute in any way, in whole or in part, the contents of this document without Tencent Cloud's the prior written consent. Trademark Notice All trademarks associated with Tencent Cloud and its services are owned by Tencent Cloud Computing (Beijing) Company Limited and its affiliated companies. Trademarks of third parties referred to in this document are owned by their respective proprietors. Service Statement This document is intended to provide users with general information about Tencent Cloud's products and services only and does not form part of Tencent Cloud's terms and conditions. Tencent Cloud's products or services are subject to change. Specific products and services and the standards applicable to them are exclusively provided for in Tencent Cloud's applicable terms and conditions. ©2013-2017 Tencent Cloud. All rights reserved. Page 2 of 17 FAQ Product Introduction Contents Documentation Legal Notice ............................................................................................................................................ 2 FAQ ............................................................................................................................................................................................. 4 Can the Certificate Be Revoked? ....................................................................................................................................... 4 Why Would Security Review Fail? ..................................................................................................................................... 5 The Site Prompts "Connection Is Untrusted"? ................................................................................................................ 6 What's OpenSSL? ................................................................................................................................................................. 7 What's SSL Certificate?...................................................................................................................................................... 10 What's Private Key? ......................................................................................................................................................... 11 What's CSR? ........................................................................................................................................................................ 12 Is DV Certificate Permanently Free? ............................................................................................................................... 14 Chrome Browser Prompts "Your Connection Is Not Private Key Connection"? ..................................................... 15 Forgot Your Private Key Password?................................................................................................................................ 17 ©2013-2017 Tencent Cloud. All rights reserved. Page 3 of 17 FAQ Product Introduction FAQ Can the Certificate Be Revoked? Now, only offline certificate revocations are supported. Please submit a ticket to contact Tencent Cloud engineers for certificate revocation. For more information on revocation processes of domain validation (DV) certificates, see DV Certificate Revocation ©2013-2017 Tencent Cloud. All rights reserved. Page 4 of 17 FAQ Product Introduction Why Would Security Review Fail? If the following prompt appears when applying for a Domain Validation (DV) SSL certificate, it indicates that the domain name failed to pass the security verification. DV SSL certificates cannot be issued via the rapid review process of Symantec CA for the domain name. Please purchase paid certificates. The specific reasons for failed security verification: According to the anti-phishing mechanism of CAs, sensitive words contained in domain names, such as bank and pay, can cause failed security verifications. Specific sensitive words are defined by CAs. And some less commonly used root domain names may also fail to pass verifications. For example, root domain names with .pw suffix, such as www.qq.pw and www.qcloud.pw , will fail to pass the verification. Because DV SSL certificates are quickly issued through automatic authentication without manual intervention, the verification standards are strengthened with more stringent sensitive words. ©2013-2017 Tencent Cloud. All rights reserved. Page 5 of 17 FAQ Product Introduction The Site Prompts "Connection Is Untrusted"? After the SSL certificate is deployed, the accessed site prompts "Connection is not secure". Is the certificate deployment failed? A: The certificate has been successfully deployed. This problem occurs because that the browser considers the sites unsafe if they use HTTPS protocol and their pages contain unencrypted HTTP contents. In this case, the code needs to be modified. For frontend modification, here are the references: 1. Reference resources with relative paths; 2. When referencing the absolute path, use // to reference resources. For example: //img.qcloud.com/example.png indicates compliance with the protocol of the current page, and the browser will automatically complete it. ©2013-2017 Tencent Cloud. All rights reserved. Page 6 of 17 FAQ Product Introduction What's OpenSSL? OpenSSL is a well-known open source cryptography toolkit for secure communications, and contains cryptographic algorithms, common passwords, and certificate packaging feature. 1. Official Website of OpenSSL Official download address. 2. Installation Method on Windows Installation package for windows is not provided on OpenSSL official website. You can choose tools provided by other open source platforms, for example: http://slproweb.com/products/Win32OpenSSL.html Taking this tool as an example, the installation steps and usage are as follows: 2.1 Download a 32-bit or 64-bit version, for example, Win64OpenSSL_Light-1_0_2h.exe: 2.2 Set environment variables. If the tool is installed in C:\OpenSSL-Win64, copy ©2013-2017 Tencent Cloud. All rights reserved. Page 7 of 17 FAQ Product Introduction C:\OpenSSL-Win64\bin; to Path 2.3 Open the command line program cmd (run as an administrator), enter the directory where 2_www.domain.com.key and 1_www.domain.com_cert.crt are stored, and run the command below openssl pkcs12 -export -out www.domain.com.pfx -inkey 2_www.domain.com.key -in 1_www.domain.com_cert.crt ©2013-2017 Tencent Cloud. All rights reserved. Page 8 of 17 FAQ Product Introduction For example, if the key and crt files are stored in D:\, it runs as follows: Ps: Export Password is not required, so press Enter directly without inputting. 2.4 www.domain.com.pfx is generated in D:. You can continue to complete the certificate installation in IIS Manager. ©2013-2017 Tencent Cloud. All rights reserved. Page 9 of 17 FAQ Product Introduction What's SSL Certificate? Secure Sockets Layer (SSL) is a security protocol designed to ensure security and data integrity for Internet communications. Based on the SSL protocol, an SSL certificate can be installed on the server to achieve encrypted data transfer. Certificate authorities (CAs) are third-party authorities that verify the validity of public keys. They are responsible for specifying policies and procedures to verify users' identities, sign SSL certificates, and ensure the identity of a certificate holder and ownership of a public key. CAs issue SSL certificates for each user using the public key. A SSL certificate is used to certify that individuals/businesses listed in the certificate lawfully own the public key listed in the certificate. Digital signatures from CAs can prevent certificates from being forged and tampered. An SSL certificate actually represents the verification of the public key from an CA, which contains digital certificate-signing authority information, user information of the public key, the public key, authority signature, and expiration date. ©2013-2017 Tencent Cloud. All rights reserved. Page 10 of 17 FAQ Product Introduction What's Private Key? SSL certificates are developed based on public-key cryptography, which encrypts information with digital keys so that the information can only be read by intended recipients after decryption. A key pair consists of a public key and a private key. The public key may be publicly distributed by a user, while the private key is kept by the user. Information that is encrypted with the public key can be decrypted only with the corresponding private key, and vice versa. An SSL certificate actually represents the verification of the public key from an CA, which contains digital certificate-signing authority information, user information of the public key, the public key, authority signature, and expiration date. ©2013-2017 Tencent Cloud. All rights reserved. Page 11 of 17 FAQ Product Introduction What's CSR? CSR is short for Certificate Signing Request. To obtain an SSL certificate, you need to generate a CSR file first and submit it to a certificate authority (CA). The CSR includes a public key and a distinguished name. CSR is typically generated from a web server and a public/private key pair for encryption and decryption will be created at the same time. Relevant organization information is required to create a CSR. The web server creates a distinguished name based on the information
Recommended publications
  • Tracking Users Across the Web Via TLS Session Resumption
    Tracking Users across the Web via TLS Session Resumption Erik Sy Christian Burkert University of Hamburg University of Hamburg Hannes Federrath Mathias Fischer University of Hamburg University of Hamburg ABSTRACT modes, and browser extensions to restrict tracking practices such as User tracking on the Internet can come in various forms, e.g., via HTTP cookies. Browser fingerprinting got more difficult, as trackers cookies or by fingerprinting web browsers. A technique that got can hardly distinguish the fingerprints of mobile browsers. They are less attention so far is user tracking based on TLS and specifically often not as unique as their counterparts on desktop systems [4, 12]. based on the TLS session resumption mechanism. To the best of Tracking based on IP addresses is restricted because of NAT that our knowledge, we are the first that investigate the applicability of causes users to share public IP addresses and it cannot track devices TLS session resumption for user tracking. For that, we evaluated across different networks. As a result, trackers have an increased the configuration of 48 popular browsers and one million of the interest in additional methods for regaining the visibility on the most popular websites. Moreover, we present a so-called prolon- browsing habits of users. The result is a race of arms between gation attack, which allows extending the tracking period beyond trackers as well as privacy-aware users and browser vendors. the lifetime of the session resumption mechanism. To show that One novel tracking technique could be based on TLS session re- under the observed browser configurations tracking via TLS session sumption, which allows abbreviating TLS handshakes by leveraging resumptions is feasible, we also looked into DNS data to understand key material exchanged in an earlier TLS session.
    [Show full text]
  • Data Politics;Worlds, Subjects, Rights;
    DATA POLITICS Data has become a social and political issue because of its capacity to reconfigure relationships between states, subjects, and citizens. This book explores how data has acquired such an important capacity and examines how critical interventions in its uses in both theory and practice are possible. Data and politics are now inseparable: data is not only shaping our social relations, preferences, and life chances but our very democracies. Expert inter- national contributors consider political questions about data and the ways it provokes subjects to govern themselves by making rights claims. Concerned with the things (infrastructures of servers, devices, and cables) and language (code, programming, and algorithms) that make up cyberspace, this book demonstrates that without understanding these conditions of possibility it is impossible to intervene in or to shape data politics. Aimed at academics and postgraduate students interested in political aspects of data, this volume will also be of interest to experts in the fields of internet studies, international studies, Big Data, digital social sciences, and humanities. Didier Bigo is Professor of War Studies at King’s College London and Research Professor at Sciences-Po, CERI Paris. Engin Isin is Professor in International Politics at Queen Mary University of London, UK and University of London Institute in Paris (ULIP). Evelyn Ruppert is Professor of Sociology at Goldsmiths, University of London. Routledge Studies in International Political Sociology Series Editors: Tugba Basaran, University of Kent, UK, Didier Bigo, King’s College London, UK, Emmanuel-Pierre Guittet, University of Manchester, UK, Jef Huysmans, Queen Mary, University of London, UK Routledge Studies in International Political Sociology aims to provide a forum for out- standing empirical and theoretical research engaging with the interplays between the international, the political and the social.
    [Show full text]
  • Tencent Cloud Comunication Solutions for China
    Tencent Cloud Comunication Solutions for China 28.10.2020 © 2020 Tencent Cloud, LLC. All rights reserved. AGENDA • Tencent: “A Chinese Digital Dragon” • The Chinese opportunity • Who is Tencent? • Globalization strategy • Public Cloud • Cloud Communication Solutions • Tencent VooV Meeting • WeChat Work • Tencent Cloud Conference & Exhibition © 2020 Tencent Cloud, LLC. All rights reserved. - Tencent, “A Chinese Digital Dragon” 4 Founded in 1998 and headquartered in Tencent by the numbers: Shenzhen, Tencent is one of the largest • 550+ billion USD market capitalization** technology companies in the world and a global leader in messaging, social media, gaming, • 1.203+ billion monthly active Weixin/WeChat mobile payment, music streaming, digital users* literature, video and other digital content services. • 112 million video subscriptions* • #1 Mobile Payment in China by monthly active users and daily active users* • 62,000+ employees* *As of March 2020 **As of June 10, 2020 © 2020 Tencent Cloud, LLC. All rights reserved. Tencent - User Centric 360-Degree Ecosystem 6 TEG PCG IEG WXG CSIG CDG Technical Platform & Content Interactive Weixin (WeChat) Cloud & Smart Industries Corporate & Engineering Group Group Entertainment Group Group Group Development Group Tencent QQ Tencent Games WeChat Tencent Cloud Tencent Fintech Big Data Tencent YouTu QQ zone Tencent Tencent Tencent e-Sports Marketing WeChat Pay Transit QR Code AI Lab Tencent App Store Solution Tencent Maps WeiShi Timi Studio Tencent Security WeChat Work Platform Smart Retail Tencent News Lightspeed & Mr. Translator Tencent Quantum Studio QQ Mail Data Center QQ Browser Tencent Mobile Manager Tencent Animation Tencent PC Manager Aurora Studio WeRead Tencent Pictures Tencent Miying Next Studio Auto intelligence Penguin Pictures Mini Program Tencent HealthCare Tencent Video MOREFUN Official Tencent Autonomous Studio Account Driving Kuai Bao Tencent Classroom © 2020 Tencent Cloud, LLC.
    [Show full text]
  • Live Video Broadcasting Playing Method
    Playing Method Product Introduction Live Video Broadcasting Playing Method Product Introduction ©2013-2018 Tencent Cloud. All rights reserved. Page 1 of 53 Playing Method Product Introduction Copyright Notice ©2013-2018 Tencent Cloud. All rights reserved. Copyright in this document is exclusively owned by Tencent Cloud. You must not reproduce, modify, copy or distribute in any way, in whole or in part, the contents of this document without Tencent Cloud's the prior written consent. Trademark Notice All trademarks associated with Tencent Cloud and its services are owned by Tencent Cloud Computing (Beijing) Company Limited and its affiliated companies. Trademarks of third parties referred to in this document are owned by their respective proprietors. Service Statement This document is intended to provide users with general information about Tencent Cloud's products and services only and does not form part of Tencent Cloud's terms and conditions. Tencent Cloud's products or services are subject to change. Specific products and services and the standards applicable to them are exclusively provided for in Tencent Cloud's applicable terms and conditions. ©2013-2018 Tencent Cloud. All rights reserved. Page 2 of 53 Playing Method Product Introduction Contents Playing Method Mobile Play Web Play Web Player TcPlayer Web Player TcPlayer FAQ Web LVB Player 1.0 Web LVB Player 1.0 Problem solving Web VOD Player 1.0 Web VOD Player 1.0 Problem solving ©2013-2018 Tencent Cloud. All rights reserved. Page 3 of 53 Playing Method Product Introduction Playing Method Mobile Play Last updated:2018-06-27 11:08:50 Quick integration You can quickly integrate LVB playback feature into your existing App by following the steps below: Step 1: Activate LVB service Step 2: Download RTMP SDK package Step 3: Complete interfacing process by referring to relevant documents (iOS & Android) Complete solution Mobile LVB is a collection of mobile LVB solutions.
    [Show full text]
  • Understanding Quality of Experiences on Different Mobile Browsers
    Understanding Quality of Experiences on Different Mobile Browsers: Measurements, Analysis, and Implications Yun Ma and Shuailiang Dong Abstract The web browser is one of the major channels to access the Internet on mobile devices. Based on the smartphone usage logs from millions of real-world Android users, it is interesting to find that about 38% users have more than one browser on their devices. However, it is unclear whether the quality of browsing experiences are different when visiting the same webpage on different browsers. In this paper, we collect 3-week consecutive traces of 337 popular webpages on three popular mobile browsers: Chrome, Firefox, and Opera. We first use a list of metrics and conduct an empirical study to measure the differences of these metrics on different browsers. Then, we explore the variety of loading time and cache performance of different browsers when visiting the same webpage, which has a great impact on the browsing experience. Furthermore, we try to find which metrics have significant effect on the differences, investigating the possible causes. Finally, according to our findings, we give some recommendations to web developers, browser vendors, and end users. 1 Introduction Web browsing is always the major requirement of Internet users. Recent reports show that the number of smartphone users worldwide has been over 2.6 billion, and the web traffic volume from mobile devices has exceeded that from desktop PCs. Compared to desktop PCs, web browsing on smartphones considers more on the quality of experiences (QoE): not only the look-and-feel and page loading time, but also the data traffic and energy consumption.
    [Show full text]
  • Shedding (Some) Light on Mobile Browsers Energy Consumption
    Shedding (Some) Light on Mobile Browsers Energy Consumption Matteo Varvello Benjamin Livshits Nokia, Bell Labs Brave Software [email protected] [email protected] Abstract—Following its desktop counterpart, the mobile battery usage, like CPU and bandwidth utilization. TableI browsers ecosystem has been growing from few browsers shows a direct comparison of the measurement study we (Chrome, Firefox, and Safari) to a plethora of browsers, each perform in our work with similar studies that can be found, with unique characteristics (battery friendly, privacy preserving, etc.).The main contribution of this work is a thorough benchmark to the best of our knowledge, among related works. The main of 15 Android browsers using multiple settings (adblocking, dark takeaway from the table is that our work completes previous mode, power savings), devices, workloads (up to 600 websites and works in three aspects. First, we focus on a larger set of 100 concurrent tabs), and network configurations. We perform a browsers (15 versus 1, at most), and browser settings, e.g., battery-centric analysis and show that: 1) 5 out of 8 adblocking also exploring dark and power saving modes. Second, we browsers produce significant battery savings (up to 30% in the case of Brave) compared to more popular browsers like cover a variety of workloads, investigating 7x the number of Chrome or Firefox, 2) Opera is the most efficient browser when websites tested in the largest previous study [4] and using dealing with a large number of concurrent tabs, 3) dark mode several workloads with up to 100 concurrent tabs. Third, we on AMOLED devices offers an extra 12% of battery savings, are the first to evaluate browsers in the wild.
    [Show full text]
  • Playing Fair in the Privacy Sandbox: Competition, Privacy, and Interoperability Standards
    Playing fair in the Privacy Sandbox: competition, privacy, and interoperability standards Mark Nottingham* Abstract Google’s Privacy Sandbox proposals to change the Chrome browser in ways that are likely to further advantage them over other publishers and advertising platforms has attracted the attention of competition regulators, the online advertising industry, and critics of their platform power. At the same time, the Privacy Sandbox appears to answer a call from data protection regulators, privacy advocates and users for ‘privacy by design,’ moving in lockstep with its industry peers. How, then, should this behaviour be evaluated for abuse? I argue that there are several hurdles to considering the most controversial Privacy Sandbox proposal – blocking third-party cookies – as an abuse of market power. Furthermore, I propose that, because web browsers are an architecturally regulated market, competition regulators should distinguish unilateral behaviour by examining it in the context of other browsers’ behaviours, along with signals regarding consensus from the relevant standards bodies. I Introduction The UK Competition and Markets Authority (CMA) recently announced an investigation into Google’s Privacy Sandbox proposals1 because of their potential to ‘undermine the ability of publishers to generate revenue and undermine competition in digital advertising, entrenching Google’s market power.’2 Geradin, Katsifis, and Karanikioti support this view, concluding that ‘Chrome’s policy change raises… antitrust concerns, in that it may distort * Mark Nottingham is a student at Melbourne Law School, Chair of the IETF HTTP Working Group, and recently a member of the Internet Architecture Board. Previously, he was a member of the W3C Technical Architecture Group.
    [Show full text]
  • The Evolving Israel-China Relationship
    The Evolving Israel- China Relationship Shira Efron, Howard J. Shatz, Arthur Chan, Emily Haskel, Lyle J. Morris, Andrew Scobell C O R P O R A T I O N For more information on this publication, visit www.rand.org/t/RR2641 Library of Congress Cataloging-in-Publication Data is available for this publication. ISBN: 978-1-9774-0233-2 Published by the RAND Corporation, Santa Monica, Calif. © Copyright 2019 RAND Corporation R® is a registered trademark. Cover: Photo by esfera via Shutterstock. Limited Print and Electronic Distribution Rights This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions. The RAND Corporation is a research organization that develops solutions to public policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan, and committed to the public interest. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. Support RAND Make a tax-deductible charitable contribution at www.rand.org/giving/contribute www.rand.org Preface Since the early 2000s, relations between China and Israel have expanded rapidly in numerous areas, including diplomacy, trade, investment, construction, educational partnerships, scientific coopera- tion, and tourism.
    [Show full text]
  • Nokia Browser Download New Version
    Nokia browser download new version Download Nokia Browser for Java now from Softonic: % safe and virus free. More than 24 downloads this month. Download Nokia Browser latest version. Nokia Browser for Java, free and safe download. Nokia Browser latest version: Navigate the web quickly on your S40 device. Nokia Browser is a slick web. If you have nokia phone then you can install its new and even old version, Both old and new version have so many features which are really. Download Nokia Browser Latest Version - best software for Windows. Nokia Software Updater: Nokia Software Updater provides you with an easy-to-use tool for. Get the best version of Opera Mini for your phone Nokia users, please share feedback about your new browser on Opera India's Facebook. Browser JavaScript is a feature that allows Opera to automatically fix Any updates will be automatically downloaded and applied the next time a page is Opera version is available, but it will still check for a new version of the file. Download for free to browse faster and save data on your phone or tablet. Discover new content and speed up slow connections with our fast mobile browsers. is the official website of UC Browser. You can download the latest version here. Visit to get the latest installation package for. Xpress Browser - We are creating Visual Studio browser to show how we can Xpress Browser (version) is available for download from our website. UC Browser for Nokia; Download for free to enjoy faster surfing buzz around their new smartphones including Nokia 7, Nokia 8, and Nokia 9 with Android OS, Nokia depended on their own software and OS versions.
    [Show full text]
  • Security Evaluation of Multi-Factor Authentication in Comparison with the Web Authentication API
    Hochschule Wismar University of Applied Sciences Technology, Business and Design Faculty of Engineering, Department EE & CS Course of Studies: IT-Security and Forensics Master’s Thesis for the Attainment of the Academic Degree Master of Engineering (M. Eng.) Security Evaluation of Multi-Factor Authentication in Comparison with the Web Authentication API Submitted by: September 30, 2019 From: Tim Brust born xx/xx/xxxx in Hamburg, Germany Matriculation number: 246565 First supervisor: Prof. Dr.-Ing. habil. Andreas Ahrens Second supervisor: Prof. Dr. rer. nat. Nils Gruschka Purpose of This Thesis The purpose of this master’s thesis is an introduction to multi-factor authentication, as well as to the conventional methods of authentication (knowledge, possession, biometrics). This introduction includes technical functionality, web usability, and potential security threats and vulnerabilities. Further, this thesis will investigate whether the Web Authentication API is suit- able as an alternative or possible supplement to existing multi-factor authentication methods. The question has to be answered to what extent the Web Authentication API can increase security and user comfort. An evaluation of the security of the Web Authentication API in comparison with other multi-factor authentication solutions plays a crucial role in this thesis. Abstract Internet users are at constant risk, given that data breaches happen nearly daily. When a breached password is re-used, it renders their whole digital identity in dan- ger. To counter these threats, the user can deploy additional security measures, e.g., multi-factor authentication. This master’s thesis introduces and compares the multi- factor authentication solutions, one-time passwords, smart cards, security keys, and the Universal Second Factor protocol with a focus on their security.
    [Show full text]
  • PCSL Greater China Region False Positive Test (2011 January)
    PC Security Labs PCSL Greater China Region False Positive Test (2011 January) PC Security Labs www.pcsecuritylabs.net Menu Menu 1. Test introduction and highlights 2. Test set and award criteria 3. Participating vendors and products 4. Detailed test results 5. Monthly award logo 6. Disclaimer We Understand China www.pcsecuritylabs.net PC Security Labs 1. TEST INTRODUCTION AND HIGHLIGHTS A "false positive" is when antivirus software reports a clean file or a non-malicious activity as malicious. False positives can cause system crashes and other severe problems that may directly lead to serious economic losses. Please note that the false positive test does not tell you anything about the effectiveness of protection that any participating product may provide. For this new test: A. Our set of popular software has been updated. B. For the first time, the test bed also covers popular software fromTaiwan, especially banking and securities software. C. We chose 30 types of commonly used applications, in order to check whether security software blocks the installation of normal applications besides the normal static scan of our clean file database. D. We will quote the data from this test and use it in the coming China region malware comparatives test and the total protection test. 2. TEST SET AND AWARD CRITERIA The sample set covers recent newly added software and popular software in the Greater China region (Mainland China, Hong Kong, Macau and Taiwan). The following clean files were reported by security software during this test: 3 We Understand
    [Show full text]
  • Enhanced Performance and Privacy for Core Internet Protocols
    Enhanced Performance and Privacy for Core Internet Protocols Kumulative Dissertation zur Erlangung des akademischen Grades Dr. rer. nat. an der Fakultät für Mathematik, Informatik und Naturwissenschaften der Universität Hamburg eingereicht beim Fach-Promotionsausschuss Informatik von Erik Sy aus Pasewalk November 2019 Gutachter: Prof. Dr.-Ing. Hannes Federrath Prof. Dr-Ing. Claudia Diaz Tag der Disputation: 18. August 2020 Danksagung Diese Dissertation ist zwischen 2016 und 2019 am Arbeitsbereich Security and Privacy der Universität Hamburg entstanden. An dieser Stelle möchte ich mich bei allen bedanken, die zu ihrem Gelingen beigetragen haben. Besonderer Dank gilt meinem Doktorvater Hannes Federrath, der mich bei der Erstellung dieser Dissertation begleitet hat. Er hat mit mir die Zuversicht geteilt, dass ich nach meinem Studium der Physik erfolgreich in der IT-Sicherheit forschen werde. Mein Dank gilt ferner Christian Burkert, Mathias Fischer, Dominik Herrmann, Moritz Mön- nich, Tobias Müller, und Matthias Marx für die tolle Zusammenarbeit beim Verfassen von Forschungsbeiträgen. Ich bedanke mich auch bei meinen Kollegen die ich während meiner Promotionszeit kennen und schätzen gelernt habe: Maximilian Blochberger, Britta Böhm, Doganalp Ergenc, Steffen Haas, Malte Hamann, Stefanie Jasser, David Jost, Jens Lindemann, Sadaf Momeni, Johanna Nehring- Ansohn, Tom Petersen, Dimitra Pons, Henning Pridöhl, Eugen Ruppert, Monina Schwarz, Nurefsan Sertbas, Bahareh Shojaie, Marius Stübs, Florian Wilkens und Ephraim Zimmer. Schließlich bedanke ich mich bei meiner Familie, die mich nach Kräften unterstützt und bestärkt hat. Mein ganz besonderer Dank gilt meiner Partnerin Lisa und meinen Kindern Malou und Bela. Sie haben mich intensiv während des Entstehens dieser Arbeit begleitet und mich, immer wenn es nötig war, wieder auf andere Gedanken gebracht.
    [Show full text]