3,863 research outputs found

    Certificate Path Verification in Hierarchical and Peer-to-Peer Public Key Infrastructures

    Get PDF
    “Authentication of users in an automated business transaction is commonly realized by means of a Public Key Infrastructure(PKI). A PKI is a framework on which the security services are built. Each user or end entity is given a digitally signed data structure called digital certificate. In Hierarchical PKI, certificate path is unidirectional, so certificate path development and validation is simple and straight forward. Peer-to-Peer(also called Mesh PKI) architecture is one of the most popular PKI trust models that is widely used in automated business transactions, but certificate path verification is very complex since there are multiple paths between users and the certification path is bidirectional. In this paper, we demonstrate the advantage of certificate path verification in Hierarchical PKI based on forward path construction method over reverse path construction method with respect to the time requirement. We also propose a novel method to convert a peer-to-peer PKI to a Depth First Search(DFS) spanning tree to simplify the certificate path verification by avoiding multiple paths between users, since the DFS spanning tree equivalent of peer-to-peer PKI contains only one path between any two Certification Authorities

    Building a truster environment for e-business : a Malaysian perspective

    Get PDF
    Internet identify ‘security’ as a major concern for businesses. In general, the level of security in any network environment is closely linked to the level of trust assigned to a particular individual or organization within that environment. It is the trust element that is crucial in ensuring a secure environment. Besides physical security, security technology needs to be utilised to provide a trusted environment for e-business. Network security components for perimeter defense, i.e., Virtual Private Networks, firewalls and Intrusion Detection Systems, need to be complemented by security components at the applications and user level, e.g., authentication of user. ID or password security solution may be an option but now with the availability of legally binding digital certificates, security in e-business transactions can be further improved. Time and date stamping of e-business transactions are also of concern to prove at a later date that the transactions took place at the stipulated date and time. Digital certificates are part of a Public Key Infrastructure (PKI) scheme, which is an enabling technology for building a trusted epvironment. PIU comprise policies and procedures for establishing a secure method for exchanging information over a network environment. The Digital Signature Act 1997 (DSA 1997) facilitates the PKI implementation in Malaysia. Following the DSA 1997, Certification Authorities (CAs) were set up in Malaysia. This paper describes a trusted platform for spurring ebusiness and provides a Malaysian perspective of it

    PKI Scalability Issues

    Full text link
    This report surveys different PKI technologies such as PKIX and SPKI and the issues of PKI that affect scalability. Much focus is spent on certificate revocation methodologies and status verification systems such as CRLs, Delta-CRLs, CRS, Certificate Revocation Trees, Windowed Certificate Revocation, OCSP, SCVP and DVCS.Comment: 23 pages, 2 figure
    • …
    corecore