International Journal of Science and Research (IJSR)

International Journal of Science and Research (IJSR)
www.ijsr.net | Most Trusted Research Journal Since Year 2012

ISSN: 2319-7064



Survey Paper | Information Technology | India | Volume 3 Issue 6, June 2014

The Heartbleed Bug: An Open Secure Sockets Layer Vulnerability

Thabiso Peter Mpofu, Noe Elisa, Nicholaus Gati

The Open Secure Sockets Layer (OpenSSL) is used to provide a secure platform for transactions that happen over the internet. About two thirds of the servers on the internet use the OpenSSL platform to provide secure transaction over the internet. The OpenSSL is a widely used open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Transactions such as online shopping; emails and online banking are carried out on the internet through the OpenSSL and other platforms which provide a security. Vulnerabilities have however been found in the OpenSSL that has resulted in a wide public outcry all over the world. A vulnerability referred to as the Heartbleed Bug has sent shockwaves all over the internet. From the study we conducted; the scope of the data that has been potentially compromised is astronomical and includes usernames; passwords; bank account and credit card numbers; medical data; documents in online cloud storage. Not only has all of this user data been directly compromised; but; what are worse; the private keys of the servers running the vulnerable versions of OpenSSL were also almost certainly compromised. We recommend patching of affected applications or/and upgrade to versions that are not vulnerable in order to mitigate the risks identified.

Keywords: OpenSSL, Heartbleed bug, secure, Transport Layer Security, Secure Sockets Layer, vulnerability

Edition: Volume 3 Issue 6, June 2014

Pages: 1470 - 1473


How to Cite this Article?

Thabiso Peter Mpofu, Noe Elisa, Nicholaus Gati, "The Heartbleed Bug: An Open Secure Sockets Layer Vulnerability", International Journal of Science and Research (IJSR), https://www.ijsr.net/search_index_results_paperid.php?id=2014489, Volume 3 Issue 6, June 2014, 1470 - 1473

29 PDF Views | 26 PDF Downloads

Download Article PDF



Similar Articles with Keyword 'secure'

M.Tech / M.E / PhD Thesis, Information Technology, India, Volume 4 Issue 3, March 2015

Pages: 2441 - 2444

Privacy-Preservation of Centralized and Distributed Social Network by Using L-Diversity Algorithm

Shankaranand, P. Rajasekar

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 4, April 2015

Pages: 1651 - 1653

Secure Package Manager for UTM

Tom K Sunny, Beatrice Ssowmiya J

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 2, February 2015

Pages: 2137 - 2142

Multiple Prevention Techniques for Different Attacks in Web Application

Tejal V. Kasture, Pinaki P. Dixit, Pooja S. Ovhal, Gayatri Sathe, Neelam A. Zambre

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 4, April 2015

Pages: 1990 - 1993

Advanced Persistent Threat Detection System

Hanu Prasannan, Dharani.J

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 7, July 2015

Pages: 2400 - 2403

Secure Deduplication in Cloud Backup Services

Nidhi Panpaliya, Prachi Sorte

Share this article



Similar Articles with Keyword 'vulnerability'

Survey Paper, Information Technology, India, Volume 5 Issue 4, April 2016

Pages: 1865 - 1867

Survey on Cloud Computing Security Algorithms

Akash Kanthale, S. P. Potdar

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 4, April 2015

Pages: 1635 - 1639

Developing Firefox add-on for DOM vulnerability Assessment

Saranraj Ilangovan, Geogen George

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 4, April 2015

Pages: 1990 - 1993

Advanced Persistent Threat Detection System

Hanu Prasannan, Dharani.J

Share this article

Research Paper, Information Technology, India, Volume 4 Issue 3, March 2015

Pages: 636 - 640

Exploit Development Research on x86 Windows Application: Buffer Overflow

Geogen George, Sivasundaram R

Share this article

M.Tech / M.E / PhD Thesis, Information Technology, India, Volume 4 Issue 3, March 2015

Pages: 2100 - 2103

Automatic Patch Generation for Control Hijacking Attacks

Saud Adam Abdulkadir, Savaridassan P.

Share this article
Top