Dr. Ahmad Samer Wazan
Associate professor at Zayed University
20th March 2023, 11:00am to 12:00pm (GST)
HTTPS everywhere? It’s almost here but not yet.
Today according to Google’s transparency report, up to 99% of web pages loaded by Google Chrome are viewed over the HTTPS protocol. This is the result of a campaign called ‘HTTPS everywhere’ that was started in 2016 by Google. Its objective is to encrypt all the web traffic. This talk will show why HTTPS doesn't yet provide enough assurance to web users about the security of their web transactions. It will start by demonstrating the transformation of web PKI from a trust-based system into a risk-based system. It will explain why the initial trust based system resulted in a broken security system, and how recent improvements have changed the general strategy into a partial risk-based system. However, different research challenges still need to be addressed in order to transform it into a fully risk-based system that would allow insurance companies to enter the web PKI market in order to protect web users from unexpected losses. These research challenges will be discussed and finally our research contributions conducted in the web PKI area will be described.
Ahmad Samer Wazan is an Associate professor at Zayed University in CTI college. His research topics include trust management, PKIs, Access Control, OS security, and security requirement engineering. Between 2007 and 2011, he led a research project that defined a new trust model for X.509 standard by adding a new entity called Trust Broker. The proposal is now included in the 2016 edition of the X.509 standard. He also participated with other researchers from the UK and France in implementing the first proof of concept verifiable credential system. In addition, he recently conducted a new research project that proposed a new command called sr (switch role) that intends to replace the command sudo in a Linux environment (https://github.com/SamerW/RootAsRole). He is currently on a secondment from Toulouse University to Zayed university. Industrially, Mr. Wazan has worked with the founder of souq.com (Ronaldo Mouchawar ) between 2003 and 2006 as a web developer and security analyst. In 2004, Mr. Wazan was awarded by Ronaldo Mouchawar the prize of the best employee.