Print Email Facebook Twitter Security economics in the HTTPS value chain Title Security economics in the HTTPS value chain Author Asghari, H. Van Eeten, M.J.G. Arnbak, A.M. Van Eijk, N.A.N.M. Faculty Technology, Policy and Management Department Multi Actor Systems Date 2013-06-12 Abstract Even though we increasingly rely on HTTPS to secure Internet communications, several landmark incidents in recent years have illustrated that its security is deeply flawed. We present an extensive multi-disciplinary analysis that examines how the systemic vulnerabilities of the HTTPS authentication model could be addressed. We conceptualize the security issues from the perspective of the HTTPS value chain. We then discuss the breaches at several Certificate Authorities (CAs). Next, we explore the security incentives of CAs via the empirical analysis of the market for SSL certificates, based on the SSL Observatory dataset. This uncovers a surprising pattern: there is no race to the bottom. Rather, we find a highly concentrated market with very large price differences among suppliers and limited price competition. We explain this pattern and explore what it tells us about the security incentives of CAs, including how market leaders seem to benefit from the status quo. In light of these findings, we look at regulatory and technical proposals to address the systemic vulnerabilities in the HTTPS value chain, in particular the EU eSignatures proposal that seeks to strictly regulate HTTPS communications. Subject HTTPScybersecurityinternet governanceconstitutional valuesE-Commercevalue chain analysissecurity economicseSignatures RegulationSSLTLSdigital certificatescertificate authorities To reference this document use: http://resolver.tudelft.nl/uuid:a059372f-ca97-468c-893a-d0b944674a28 DOI https://doi.org/10.2139/ssrn.2277806 Publisher Social Science Research Network (SSRN) Source Working Papers Series; last revised: July 16, 2013 Part of collection Institutional Repository Document type report Rights (c) 2013 The Author(s) Files PDF 294116.pdf 1.02 MB Close viewer /islandora/object/uuid:a059372f-ca97-468c-893a-d0b944674a28/datastream/OBJ/view