Efficient Certificate Status Handling Within PKIs: An Application to Public Administration Services
نویسنده
چکیده
Public administrations show a strong interest in digital signature technology as a mean for secure and authenticated document exchange, hoping it will help reducing paper-based transactions with citizens. The main problem posed by this technology is with the necessary public-key infrastructure, and in particular with certificate status handling. This paper describes the definition and deployment of a web-based environment suitable for offering administrative services to citizens and for accepting authenticated documents from citizens. The best features of two different certificate status handling schemes, namely CRL and OCSP, have been exploited within this environment to obtain a good balance between security, timeliness and efficiency.
منابع مشابه
An Application of Efficient Certificate Status Handling Methods to High Traffic Authentication Services
Many organizations show a strong interest in digital signature technology as a mean for secure and authenticated document exchange, hoping it will help reducing paper-based transactions. The main problem posed by this technology is with the necessary public-key infrastructure, and in particular with certificate status handling. Rather than addressing the revocation problem in general, a specifi...
متن کاملFinding the PKI needles in the Internet haystack
Public key cryptography can uniquely enable trust within distributed settings. Employing it usually requires deploying a set of tools and services collectively known as a Public Key Infrastructure (PKI). PKIs have become a central asset for many organizations, due to distributed IT and users. Even though the usage of PKIs in closed and controlled environments is quite common, interoperability a...
متن کاملPQR Finding the PKI Needles in the Internet Haystack∗
Public-key cryptography can uniquely enable trust within distributed settings. Employing it usually requires deploying a set of tools and services collectively known as a public key infrastructure (PKI). PKIs have become a central asset for many organizations, due to distributed IT and users. Even though the usage of PKIs in closed and controlled environments is quite common, interoperability a...
متن کاملTrust Management for E-Commerce
All human interaction is based on trust, meaning that we choose interaction partners and make commitment decisions based on how much we trust the other party. This applies to commerce as well as to ecommerce. In normal commerce, established frameworks, legal and other, provide protection and assurance upon which trust is built. Because e-commerce is largely based on information technology, IT s...
متن کاملMoving Toward an IPv 6 Future
Generally speaking, a public key infrastructure (PKI) is a set of hardware, software, people, and procedures needed to create, manage, store, distribute, and revoke public key certificates. With these in place, a PKI can provide trusted and efficient privateand publickey certificate management, thus enabling the use of authentication, nonrepudiation, and confidential security services. To provi...
متن کامل