Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) can respectively be used to support authentication and authorization in distributed scenarios. The validation of certificate chains is a critical issue in both infrastructures, because it requires several costly processes, such as certificate path discovery, validation of each certificate, and so on. The problem becomes even worst in devices with limited resources (battery, memory, computational capacity, etc.) as mobile devices. In this paper we present an architecture that reduces the communication and computational overhead of certificate status checking in a complete certificate chain. The proposed tracing of the certificates chains is based on a cascade certificate revocation policy.
Titolo: | Dynamics in Delegation and Revocation Schemes: A Logical Approach | |
Autori Riconosciuti: | ||
Autori: | Guillaume Aucher; Steve Barker; Guido Boella; Valerio Genovese; Leendert van der Torre | |
Data di pubblicazione: | 2011 | |
Abstract: | Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) can respectively be used to support authentication and authorization in distributed scenarios. The validation of certificate chains is a critical issue in both infrastructures, because it requires several costly processes, such as certificate path discovery, validation of each certificate, and so on. The problem becomes even worst in devices with limited resources (battery, memory, computational capacity, etc.) as mobile devices. In this paper we present an architecture that reduces the communication and computational overhead of certificate status checking in a complete certificate chain. The proposed tracing of the certificates chains is based on a cascade certificate revocation policy. | |
Editore: | Yingjiu Li | |
Titolo del libro: | Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011, Richmond, VA, USA, July 11-13, 2011. Proceedings | |
Volume: | 6818 | |
Pagina iniziale: | 90 | |
Pagina finale: | 105 | |
Nome del convegno: | Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011 | |
Luogo del convegno: | Richmond, VA, USA | |
Anno del convegno: | 11/07/11-13/07/11 | |
ISBN: | 9783642223471 | |
Appare nelle tipologie: | 04A-Conference paper in volume |