Content delivery networks (CDNs) are crucial for enhancing website performance by reducing data delivery latency and mitigating DDoS attacks. However, the three-party HTTPS model involving CDNs introduces cybersecurity risks that demand greater technical expertise and user awareness. This paper addresses the security issues of Moroccan websites using CDNs in HTTPS communications. We identify the percentage of HTTPS websites using CDNs among Morocco’s top 50 websites, determine the most adopted CDN providers, and evaluate their security levels by assessing X.509 certificates and the reliability of different cipher suites negotiated by these CDNs. Our findings reveal that while most administrators prefer CDN servers for content delivery, many still support vulnerable HTTPS configurations. Thus, implementing HTTPS in the tripartite model requires more technical skills and increased user awareness compared to the traditional bipartite model.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Revealing CDN-Side Cybersecurity Risks in HTTPS Connections

  • Abdelhadi Zineddine,
  • Mohamed Zaoui,
  • Yassine Sadqi,
  • Said Safi

摘要

Content delivery networks (CDNs) are crucial for enhancing website performance by reducing data delivery latency and mitigating DDoS attacks. However, the three-party HTTPS model involving CDNs introduces cybersecurity risks that demand greater technical expertise and user awareness. This paper addresses the security issues of Moroccan websites using CDNs in HTTPS communications. We identify the percentage of HTTPS websites using CDNs among Morocco’s top 50 websites, determine the most adopted CDN providers, and evaluate their security levels by assessing X.509 certificates and the reliability of different cipher suites negotiated by these CDNs. Our findings reveal that while most administrators prefer CDN servers for content delivery, many still support vulnerable HTTPS configurations. Thus, implementing HTTPS in the tripartite model requires more technical skills and increased user awareness compared to the traditional bipartite model.