Relevant bibliographies by topics / Certificats SSL/TLS

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Book chapters
  4. Conference papers

Academic literature on the topic 'Certificats SSL/TLS'

Author: Grafiati
Published: 23 September 2022
Last updated: 31 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Certificats SSL/TLS.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Certificats SSL/TLS"

1

Lapshichyov, Vitaly V. "TLS Certificates of the Tor Network and Their Distinctive Features." International Journal of Systems and Software Security and Protection 10, no. 2 (2019): 20–43. http://dx.doi.org/10.4018/ijsssp.2019070102.

Full text
Abstract:
This article presents the results of an experimental study of the properties of SSL/TLS certificates of an anonymous Tor network, based on which it is concluded that there are several features that differ from other SSL/TLS certificates. At present, in the scientific literature and in the documentation of U.S. National Security Agency, and the U.K. Government Communications Headquarters devoted to the identification of Tor network traffic, two signs of SSL/TLS certificates are indicated - the name of the certificate subject, as well as the port of the certificate transmission and network conne
APA, Harvard, Vancouver, ISO, and other styles
2

Mohit, Thodupunuri. "The Right Way to Manage SSL/TLS Certificates in Modern Applications and Infrastructure." European Journal of Advances in Engineering and Technology 11, no. 3 (2024): 30–37. https://doi.org/10.5281/zenodo.15607021.

Full text
Abstract:
SSL/TLS certificates are foundational to securing modern application and infrastructure communications. Yet despite their ubiquity, poor certificate management remains a leading cause of service disruptions, security breaches, and compliance failures. As systems become more distributed—spanning containerized workloads, service meshes, and hybrid clouds—the challenge of managing certificate lifecycles grows exponentially. Static provisioning, hardcoded secrets, and manual renewals no longer scale in environments demanding agility and automation. This article explores best practices
APA, Harvard, Vancouver, ISO, and other styles
3

Foppe, Lucas, Jeremy Martin, Travis Mayberry, Erik C. Rye, and Lamont Brown. "Exploiting TLS Client Authentication for Widespread User Tracking." Proceedings on Privacy Enhancing Technologies 2018, no. 4 (2018): 51–63. http://dx.doi.org/10.1515/popets-2018-0031.

Full text
Abstract:
Abstract TLS, and SSL before it, has long supported the option for clients to authenticate to servers using their own certificates, but this capability has not been widely used. However, with the development of its Push Notification Service, Apple has deployed this technology on millions of devices for the first time. Wachs et al. [42] determined iOS client certificates could be used by passive network adversaries to track individual devices across the internet. Subsequently, Apple has patched their software to fix this vulnerability. We show these countermeasures are not effective by demonstr
APA, Harvard, Vancouver, ISO, and other styles
4

Xing, Qianqian, Xiaofeng Wang, Xinyue Xu, et al. "BRT: An Efficient and Scalable Blockchain-Based Revocation Transparency System for TLS Connections." Sensors 23, no. 21 (2023): 8816. http://dx.doi.org/10.3390/s23218816.

Full text
Abstract:
Log-based public key infrastructure(PKI) refers to a robust class of CA-attack-resilient PKI that enhance transparency and accountability in the certificate revocation and issuance process by compelling certificate authorities (CAs) to submit revocations to publicly and verifiably accessible logs. However, log-based PKIs suffer from a reliance on centralized and consistent sources of information, rendering them susceptible to split-world attacks, and they regrettably fail to provide adequate incentives for recording or monitoring CA behavior. Blockchain-based PKIs address these limitations by
APA, Harvard, Vancouver, ISO, and other styles
5

Park, Jun-Cheol. "Cookie-Based Identification of the Public Keys of TLS/SSL Certificates." Journal of Korean Institute of Communications and Information Sciences 41, no. 1 (2016): 101–3. http://dx.doi.org/10.7840/kics.2015.41.1.101.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Cueva Hurtado, Mario E., and Diego Javier Alvarado Sarango. "Análisis de Certificados SSL/TLS gratuitos y su implementación como Mecanismo de seguridad en Servidores de Aplicación." Enfoque UTE 8, no. 1 (2017): 273–86. http://dx.doi.org/10.29019/enfoqueute.v8n1.128.

Full text
Abstract:
La seguridad en la capa de aplicación (SSL), proporciona la confidencialidad, integridad y autenticidad de los datos, entre dos aplicaciones que se comunican entre sí. El presente artículo es el resultado de haber implementado certificados SSL / TLS gratuitos en servidores de aplicación, determinando las características relevantes que debe tener un certificado SSL/TLS, la Autoridad certificadora que lo emita. Se realiza un análisis de las vulnerabilidades en los servidores web y se establece un canal cifrado de comunicaciones con el fin de proteger de ataques como hombre en el medio, phising y
APA, Harvard, Vancouver, ISO, and other styles
7

Lapshichyov, Vitaly V., and Oleg B. Makarevich. "Detection and identification method of the tor bundle use." Informatization and communication, no. 3 (May 5, 2020): 17–20. http://dx.doi.org/10.34219/2078-8320-2020-11-3-17-20.

Full text
Abstract:
This paper presents the result of author’s research aimed at developing a detecting and identifying method of the Tor Bundle use in data transmission networks, in particular, on the Internet. Based on these characteristics, an algorithm has been developed that allows legitimate blocking of user access to a global network by a popular anonymizer. The subject of the study was an SSL/TLS encryption certificate, which is transmitted by the Tor network server to the user of the Tor Bundle and which contains the set of data necessary for its identification during the implementation of the TLS “hands
APA, Harvard, Vancouver, ISO, and other styles
8

Tian, Cong, Chu Chen, Zhenhua Duan, and Liang Zhao. "Differential Testing of Certificate Validation in SSL/TLS Implementations." ACM Transactions on Software Engineering and Methodology 28, no. 4 (2019): 1–37. http://dx.doi.org/10.1145/3355048.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Martynenkov, I. V. "THE MAIN STAGES OF DEVELOPMENT OF THE CRYPTOGRAPHIC PROTOCOLS SSL/TLS AND IPsec." Prikladnaya Diskretnaya Matematika, no. 51 (2021): 31–67. http://dx.doi.org/10.17223/20710410/51/2.

Full text
Abstract:
The paper discusses the main stages of development of cryptographic protocols from SSL 2.0 (Secure Socket Layer) to TLS 1.3 (Transport Layer Security), which ensure the protection of transport layer data in the OSI model. A brief description of the modification of the RuTLS protocol based on TLS 1.3 and their main differences is given. The development of IPsec, which provides cryptographic protection of communications at the network level of the OSI model, is considered using examples of the development of the three most commonly used protocols. These include IKE (Internet Key Exchange), AH (A
APA, Harvard, Vancouver, ISO, and other styles
10

Park, Hun Myoung. "The Pitfalls of the Certificate-Based User Authentication Scheme on Korean Public Websites." Journal of Cases on Information Technology 26, no. 1 (2024): 1–19. http://dx.doi.org/10.4018/jcit.355015.

Full text
Abstract:
The Korean government has employed a certificate-based user authentication scheme powered by Internet Explorer and ActiveX plug-ins for the past two decades. Users must obtain accredited digital certificates, install all required plug-ins on their machines, and undergo all user authentication procedures. Most clients mistakenly take a series of authentication procedures for granted and unwittingly make copies of security code cards, store accredited digital certificates on hard disks, and mechanically click “Yes” or “OK”. Public websites lack cross-platform and cross-browser compatibility and
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Certificats SSL/TLS"

1

Traore, Mohamed. "Analyse des biais de RNG pour les mécanismes cryptographiques et applications industrielles." Thesis, Université Grenoble Alpes, 2022. http://www.theses.fr/2022GRALM013.

Full text
Abstract:
Dans ce travail, nous analysons des certificats SSL/TLS X.509 (utilisant le chiffrement RSA et provenant de centaines de millions de matériels connectés) à la recherche d'anomalies et étendons notamment les travaux de Hastings, Fried et Heninger (2016). Notre étude a été réalisée sur trois bases de données provenant de l'EFF (2010-2011), de l'ANSSI (2011-2017) et de Rapid7 (2017-2021). Plusieurs vulnérabilités affectant des matériels de fabricants connus furent détectées : modules de petites tailles (strictement inférieures à 1024 bits), modules redondants (utilisés par plusieurs entités), cer
APA, Harvard, Vancouver, ISO, and other styles
2

Boinapally, Kashyap. "Security Certificate Renewal Management." Thesis, Blekinge Tekniska Högskola, Institutionen för datavetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-18453.

Full text
Abstract:
Context. An SSL encrypted client-server communication is necessary to maintain the security and privacy of the communication. For an SSL encryption to work, there should be a security certificate which has a certain expiry period. Periodic renewal of the certificate after its expiry is a waste of time and an effort on part of the company. Objectives. In this study, a new system has been developed and implemented, which sends a certificate during prior communication and does not wait for the certificate to expire. Automating the process to a certain extent was done to not compromise the securit
APA, Harvard, Vancouver, ISO, and other styles
3

Bruhner, Carl Magnus, and Oscar Linnarsson. "Relay Racing with X.509 Mayflies : An Analysis of Certificate Replacements and Validity Periods in HTTPS Certificate Logs." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-167063.

Full text
Abstract:
Certificates are the foundation of secure communication over the internet as of today. While certificates can be issued with long validity periods, there is always a risk of having them compromised during their lifetime. A good practice is therefore to use shorter validity periods. However, this limits the certificate lifetime and gives less flexibility in the timing of certificate replacements. In this thesis, we use publicly available network logs from Rapid7's Project Sonar to provide an overview of the current state of certificate usage behavior. Specifically, we look at the Let's Encrypt
APA, Harvard, Vancouver, ISO, and other styles
4

Gustafsson, Josef. "Certificate Transparency in Theory and Practice." Thesis, Linköpings universitet, Databas och informationsteknik, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-125855.

Full text
Abstract:
Certificate Transparency provides auditability to the widely used X.509 Public Key Infrastructure (PKIX) authentication in Transport Layer Security (TLS) protocol. Transparency logs issue signed promises of inclusions to be used together with certificates for authentication of TLS servers. Google Chrome enforces the use of Certificate Transparency for validation of Extended Validation (EV) certificates. This thesis proposes a methodology for asserting correct operation and presents a survey of active Logs. An experimental Monitor has been implemented as part of the thesis. Varying Log usage pa
APA, Harvard, Vancouver, ISO, and other styles
5

Klasson, Sebastian, and Nina Lindström. "Longitudinal analysis of the certificate chains of big tech company domains." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-178396.

Full text
Abstract:
The internet is one of the most widely used mediums for communication in modern society and it has become an everyday necessity for many. It is therefore of utmost importance that it remains as secure as possible. SSL and TLS are the backbones of internet security and an integral part of these technologies are the certificates used. Certificate authorities (CAs) can issue certificates that validate that domains are who they claim to be. If a user trusts a CA they can in turn also trust domains that have been validated by them. CAs can in turn trust other CAs and this, in turn, creates a chain
APA, Harvard, Vancouver, ISO, and other styles
6

Petersson, Jakob. "Analysis of Methods for Chained Connections with Mutual Authentication Using TLS." Thesis, Linköpings universitet, Informationskodning, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-119455.

Full text
Abstract:
TLS is a vital protocol used to secure communication over networks and it provides an end- to-end encrypted channel between two directly communicating parties. In certain situations it is not possible, or desirable, to establish direct connections from a client to a server, as for example when connecting to a server located on a secure network behind a gateway. In these cases chained connections are required. Mutual authentication and end-to-end encryption are important capabilities in a high assur- ance environment. These are provided by TLS, but there are no known solutions for chained conne
APA, Harvard, Vancouver, ISO, and other styles
7

Klepáčková, Karolína. "Aplikace pro Android na bezpečnostní monitorování komunikace." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2019. http://www.nusl.cz/ntk/nusl-399203.

Full text
Abstract:
This diploma thesis is focused on implementation of application for security monitoring of network communication of other applications in mobile device with Android platform. Provides users information about security risks that may harm his/her privacy or device. It uses a local VPN to tunnel all data sent to the wireless network. These can be linked to an application that has sent them because the Android kernel is derived from the Linux kernel and can be used to retrieve information about established network connections and the application identifier associated with the connection. This mapp
APA, Harvard, Vancouver, ISO, and other styles
8

Rapp, Axel. "Web site security maturity of the European Union and its member states : A survey study on the compliance with best practices of DNSSEC, HSTS, HTTPS, TLS-version, and certificate validation types." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-20127.

Full text
Abstract:
With e-governance steadily growing, citizen-to-state communication via Web sites is as well, placing enormous trust in the protocols designed to handle this communication in a secure manner. Since breaching any of the protocols enabling Web site communication could yield benefits to a malicious attacker and bring harm to end-users, the battle between hackers and information security professionals is ongoing and never-ending. This phenomenon is the main reason why it is of importance to adhere to the latest best practices established by specialized independent organizations. Best practice compl
APA, Harvard, Vancouver, ISO, and other styles
9

O'Neill, Mark Thomas. "The Security Layer." BYU ScholarsArchive, 2019. https://scholarsarchive.byu.edu/etd/7761.

Full text
Abstract:
Transport Layer Security (TLS) is a vital component to the security ecosystem and the most popular security protocol used on the Internet today. Despite the strengths of the protocol, numerous vulnerabilities result from its improper use in practice. Some of these vulnerabilities arise from weaknesses in authentication, from the rigidity of the trusted authority system to the complexities of client certificates. Others result from the misuse of TLS by developers, who misuse complicated TLS libraries, improperly validate server certificates, employ outdated cipher suites, or deploy other featur
APA, Harvard, Vancouver, ISO, and other styles
10

Slavík, Petr. "Laboratorní úloha infrastruktury veřejných klíčů." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2009. http://www.nusl.cz/ntk/nusl-217981.

Full text
Abstract:
The aim of this thesis is to study and describe the theme of Public Key Infrastructure (PKI). Within the scope of minute PKI characterization there is a gradual depiction of particular structural elements, which are above all represented by cryptographic operations (asymetric and symetric cryptography, hash function and digital signature); then, there are also individual PKI subjects that are dealt with, like eg. certification authority, certificates, security protocols, secure heap etc. Last but not least there are a few complete Public Key Infrastructure implementation solutions described (O
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Certificats SSL/TLS"

1

Hughes, Lawrence E. "SSL and TLS." In Pro Active Directory Certificate Services. Apress, 2022. http://dx.doi.org/10.1007/978-1-4842-7486-6_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Aravind, S., K. Indra Gandhi, R. Prasanna, and V. Rishith Kumar. "Policy-Based Verification and Enforcement for Generation of SSL/TLS Certificates." In Smart Innovation, Systems and Technologies. Springer Nature Singapore, 2025. https://doi.org/10.1007/978-981-96-0147-9_1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Fiedler, Arno, and Christoph Thiel. "The need of European White Knights for the TLS/SSL Certificate System." In ISSE 2014 Securing Electronic Business Processes. Springer Fachmedien Wiesbaden, 2014. http://dx.doi.org/10.1007/978-3-658-06708-3_13.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Mogollon, Manuel. "TLS, SSL, and SET." In Cryptography and Security Services. IGI Global, 2008. http://dx.doi.org/10.4018/978-1-59904-837-6.ch012.

Full text
Abstract:
In an Internet commercial transaction, the secure Web server and the buyer’s computer authenticate each other and encipher the data transmitted using transport layer security (TLS) or secure socket layer (SSL) protocols. When a purchase is made online using a credit card, does the customer’s bank need to know what was purchased? Not really. Does the seller need to know the customer’s credit card number? Actually, the answer is no. The responses to these questions were the main premises of the secure electronic transaction (SET). In the late 1990’s, SET was approved as the credit card standard,
APA, Harvard, Vancouver, ISO, and other styles
5

"Creating a Network of Trust Using X.509 Certificates." In Implementing SSL/TLS Using Cryptography and PKI. Wiley Publishing, Inc., 2011. http://dx.doi.org/10.1002/9781118255797.ch5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Chen, Lei, Wen-Chen Hu, Ming Yang, and Lei Zhang. "Applied Cryptography in E-mail Services and Web Services." In Applied Cryptography for Cyber Security and Defense. IGI Global, 2011. http://dx.doi.org/10.4018/978-1-61520-783-1.ch005.

Full text
Abstract:
E-mail services are the method of sending and receiving electronic messages over communication networks. Web services on the other hand provide a channel of accessing interlinked hypermeida via the World Wide Web. As these two methods of network communications turn into the most popular services over the Internet, applied cryptography and secure authentication protocols become indispensable in securing confidential data over public networks. In this chapter, we first review a number of cryptographic ciphers widely used in secure communication protocols. We then discuss and compare the popular
APA, Harvard, Vancouver, ISO, and other styles
7

Kaur, Kashish Preet, Sunil K. Singh, Sudhakar Kumar, et al. "Advanced Tools and Technologies for Phishing Prevention." In Critical Phishing Defense Strategies and Digital Asset Protection. IGI Global, 2025. https://doi.org/10.4018/979-8-3693-8784-9.ch009.

Full text
Abstract:
Phishing attacks are a major cybersecurity threat, exploiting human vulnerabilities by manipulating trust to access sensitive information. As phishing tactics evolve, the demand for advanced anti-phishing technologies has surged. This paper examines key measures such as email filters, SSL/TLS certificates, DNS-based authentication, multi-factor authentication, and URL filtering to protect against phishing. Advanced methods like machine learning, AI-driven analysis, and real-time threat detection have improved phishing prevention. It also discusses browser-based, cloud-based, and email security
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Certificats SSL/TLS"

1

Petrica, Gabriel, Ionutdaniel Barbu, Sabinadaniela Axinte, Ioan Bacivarov, and Ioan cosmin Mihai. "E-LEARNING PLATFORMS IDENTITY USING DIGITAL CERTIFICATES." In eLSE 2017. Carol I National Defence University Publishing House, 2017. http://dx.doi.org/10.12753/2066-026x-17-228.

Full text
Abstract:
To ensure the identity of a website, SSL digital certificates are used together with HTTPS secured protocol; these two items provide both the server authentication to the user and an encrypted communication channel intended to prevent interception of information exchanged between the user and that website through the Web browser. The current tendency, supported by the major competitors in the market, The Chromium Projects (since December 2014) and Mozilla Foundation (since April 2015), is to impose HTTPS protocol as the default, worldwide used protocol by the Web servers. The paper analyzes th
APA, Harvard, Vancouver, ISO, and other styles
2

Manolache, Florin B., and Octavian Rusu. "Automated SSL/TLS Certificate Distribution System." In 2021 20th RoEduNet Conference: Networking in Education and Research (RoEduNet). IEEE, 2021. http://dx.doi.org/10.1109/roedunet54112.2021.9637722.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Gallersdorfer, Ulrich, and Florian Matthes. "TeSC: TLS/SSL-Certificate Endorsed Smart Contracts." In 2021 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS). IEEE, 2021. http://dx.doi.org/10.1109/dapps52256.2021.00016.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Escarrone, Thiago, Diego Kreutz, and Maurício Fiorenza. "Uma Primeira Analise do Ecosistema HTTPS no Brasil." In XVII Escola Regional de Redes de Computadores. Sociedade Brasileira de Computação - SBC, 2019. http://dx.doi.org/10.5753/errc.2019.9226.

Full text
Abstract:
O HTTPS (SSL/TLS) é essencial para garantir a segurança (e.g. confidencialidade dos dados) das comunicações que utilizam o protocolo HTTP na Internet. Entretanto, apesar da crescente adoção do HTTPS, muitos sites ainda não implementam da maneira correta os certificados digitais. Neste trabalho é presentado um primeiro levantamento sobre o estado do ecossistema SSL/TLS no Brasil. Para a análise, foram selecionados 44 sites de instituições financeiras e governamentais, incluindo o governo federal e governos estaduais. Os resultados apontam que a maioria dos sites utilizam ou suportam versões ant
APA, Harvard, Vancouver, ISO, and other styles
5

Matsumoto, Stephanos, and Raphael M. Reischuk. "Certificates-as-an-Insurance: Incentivizing Accountability in SSL/TLS." In Workshop on Security of Emerging Networking Technologies. Internet Society, 2015. http://dx.doi.org/10.14722/sent.2015.23009.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Chen, Yuting, and Zhendong Su. "Guided differential testing of certificate validation in SSL/TLS implementations." In ESEC/FSE'15: Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering. ACM, 2015. http://dx.doi.org/10.1145/2786805.2786835.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Chen, Chu, Cong Tian, Zhenhua Duan, and Liang Zhao. "RFC-directed differential testing of certificate validation in SSL/TLS implementations." In ICSE '18: 40th International Conference on Software Engineering. ACM, 2018. http://dx.doi.org/10.1145/3180155.3180226.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Fu, Peipei, Zhen Li, Gang Xiong, Zigang Cao, and Cuicui Kang. "SSL/TLS Security Exploration Through X.509 Certificate’s Life Cycle Measurement." In 2018 IEEE Symposium on Computers and Communications (ISCC). IEEE, 2018. http://dx.doi.org/10.1109/iscc.2018.8538533.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Chen, Chu, Pinghong Ren, Zhenhua Duan, Cong Tian, Xu Lu, and Bin Yu. "SBDT: Search-Based Differential Testing of Certificate Parsers in SSL/TLS Implementations." In ISSTA '23: 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. ACM, 2023. http://dx.doi.org/10.1145/3597926.3598110.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Brubaker, Chad, Suman Jana, Baishakhi Ray, Sarfraz Khurshid, and Vitaly Shmatikov. "Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations." In 2014 IEEE Symposium on Security and Privacy (SP). IEEE, 2014. http://dx.doi.org/10.1109/sp.2014.15.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Certificats SSL/TLS' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography