Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) can respectively be used to support authentication and authorization in distributed scenarios. The validation of certificate chains is a critical issue in both infrastructures, because it requires several costly processes, such as certificate path discovery, validation of each certificate, and so on. The problem becomes even worst in devices with limited resources (battery, memory, computational capacity, etc.) as mobile devices. In this paper we present an architecture that reduces the communication and computational overhead of certificate status checking in a complete certificate chain. The proposed tracing of the certificates chains is based on a cascade certificate revocation policy.
File in questo prodotto:
Non ci sono file associati a questo prodotto.