Levin, Dumitras, and Team Discover Problems in Heartbleed Bug Fix
November 07, 2014
Assistant Research Scientist Dave Levin (CS) and Assistant Professor Tudor Dumitras (ECE) worked with a team of computer scientists from Northeastern and Stanford universities on "Analysis of SSL Certificate Reissues and Revocations in the Wake of Heartbleed." Their paper, presented at the ACM 2014 Internet Measurement Conference in Vancouver, BC, addresses the difficult task of measuring whether or when a systems administrator should have revoked a certificate (for the secure operation of a public key infrastructure or PKI) in the wake of a security threat--in this case, Heartbleed.
Both Levin and Dumitras have appointments in The Maryland Cyber Security Center.