Title :
Windowed certificate revocation
Author :
McDaniel, Patrick ; Jamin, Sugih
Author_Institution :
Dept. of Electr. Eng. & Comput. Sci., Michigan Univ., Ann Arbor, MI, USA
Abstract :
The advent of electronic commerce and personal communications on the Internet has heightened concern over lack of privacy and security. Network services providing a wide range of security related guarantees are increasingly based on public key certificates. A fundamental problem inhibiting the wide acceptance of existing certificate distribution services is the lack of a scalable certificate revocation mechanism. We argue in this paper that the resource requirements of extant revocation mechanisms place a significant burden on certificate servers and network resources. We propose a novel mechanism called windowed revocation that satisfies the security policies and requirements of existing mechanisms and, at the same time, reduces the burden on certificate servers and network resources. We include a proof of correctness of windowed revocation and analyze worst case performance scenarios
Keywords :
Internet; data privacy; electronic commerce; network servers; personal communication networks; public key cryptography; telecommunication security; Internet; certificate distribution services; certificate servers; electronic commerce; network resources; personal communications; privacy; public key certificates; scalable certificate revocation mechanism; security; security policies; security related guarantees; windowed certificate revocation; worst case performance scenarios; Electronic commerce; Engineering profession; Internet; Network servers; Performance analysis; Privacy; Public key; Security; Sun; Web server;
Conference_Titel :
INFOCOM 2000. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE
Conference_Location :
Tel Aviv
Print_ISBN :
0-7803-5880-5
DOI :
10.1109/INFCOM.2000.832538
