Survey Paper | Information Technology | India | Volume 3 Issue 6, June 2014
The Heartbleed Bug: An Open Secure Sockets Layer Vulnerability
Thabiso Peter Mpofu, Noe Elisa, Nicholaus Gati
The Open Secure Sockets Layer (OpenSSL) is used to provide a secure platform for transactions that happen over the internet. About two thirds of the servers on the internet use the OpenSSL platform to provide secure transaction over the internet. The OpenSSL is a widely used open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Transactions such as online shopping; emails and online banking are carried out on the internet through the OpenSSL and other platforms which provide a security. Vulnerabilities have however been found in the OpenSSL that has resulted in a wide public outcry all over the world. A vulnerability referred to as the Heartbleed Bug has sent shockwaves all over the internet. From the study we conducted; the scope of the data that has been potentially compromised is astronomical and includes usernames; passwords; bank account and credit card numbers; medical data; documents in online cloud storage. Not only has all of this user data been directly compromised; but; what are worse; the private keys of the servers running the vulnerable versions of OpenSSL were also almost certainly compromised. We recommend patching of affected applications or/and upgrade to versions that are not vulnerable in order to mitigate the risks identified.
Keywords: OpenSSL, Heartbleed bug, secure, Transport Layer Security, Secure Sockets Layer, vulnerability
Edition: Volume 3 Issue 6, June 2014
Pages: 1470 - 1473
How to Cite this Article?
Thabiso Peter Mpofu, Noe Elisa, Nicholaus Gati, "The Heartbleed Bug: An Open Secure Sockets Layer Vulnerability", International Journal of Science and Research (IJSR), https://www.ijsr.net/search_index_results_paperid.php?id=2014489, Volume 3 Issue 6, June 2014, 1470 - 1473
128 PDF Views | 96 PDF Downloads
Similar Articles with Keyword 'secure'
M.Tech / M.E / PhD Thesis, Information Technology, India, Volume 4 Issue 3, March 2015
Pages: 2441 - 2444Privacy-Preservation of Centralized and Distributed Social Network by Using L-Diversity Algorithm
Shankaranand, P. Rajasekar
Survey Paper, Information Technology, India, Volume 3 Issue 4, April 2014
Pages: 747 - 750A Survey on Shoulder Surfing Resistant Text Based Graphical Password Schemes
Mokal P. H., Devikar R. N.
Survey Paper, Information Technology, India, Volume 3 Issue 11, November 2014
Pages: 2849 - 2851A Survey on Secure Mechanism for Wireless Sensor Networks
Tabbasum Sajjan Magdum, Y.B.Gurav
Survey Paper, Information Technology, India, Volume 3 Issue 12, December 2014
Pages: 1137 - 1140A Literature Survey on Virtualization Security Threats in Cloud Computing
Brona Shah, Jignesh Vania
Research Paper, Information Technology, India, Volume 3 Issue 6, June 2014
Pages: 1654 - 1660Privacy Preserving Protocol for Two-Party Classifier Over Vertically Partitioned Dataset Using ANN
Smitha Iddalgave, Sumana M
Similar Articles with Keyword 'vulnerability'
Research Paper, Information Technology, India, Volume 4 Issue 4, April 2015
Pages: 1635 - 1639Developing Firefox add-on for DOM vulnerability Assessment
Saranraj Ilangovan, Geogen George
M.Tech / M.E / PhD Thesis, Information Technology, India, Volume 4 Issue 3, March 2015
Pages: 2100 - 2103Automatic Patch Generation for Control Hijacking Attacks
Saud Adam Abdulkadir, Savaridassan P.
Survey Paper, Information Technology, India, Volume 5 Issue 4, April 2016
Pages: 1865 - 1867Survey on Cloud Computing Security Algorithms
Akash Kanthale, S. P. Potdar
Survey Paper, Information Technology, India, Volume 3 Issue 6, June 2014
Pages: 1470 - 1473The Heartbleed Bug: An Open Secure Sockets Layer Vulnerability
Thabiso Peter Mpofu, Noe Elisa, Nicholaus Gati
Survey Paper, Information Technology, Ghana, Volume 9 Issue 4, April 2020
Pages: 1643 - 1647Analysis of the Security Threat and Vulnerability of Smartphone use among Tertiary Students in Ghana
Issah Bala Abdulai, Abu Sulemana