Title :
PKI trust relationships: from a hybrid architecture to a hierarchical model
Author :
Satizábal, Cristina ; Páez, Rafael ; Forné, Jordi
Author_Institution :
Telematics Eng. Dept., Tech. Univ. of Catalonia, Barcelona, Spain
Abstract :
Trust models provide a framework to create and manage trust relationships among the different entities of a public key infrastructure (PKI). These trust relationships are verified through the certification path validation process, which involves: path discovery, signature verification and revocation status checking. When trust relationships are bidirectional, multiple paths can exist between two entities, which increase the runtime of the path discovery process. In addition, validation of long paths can be difficult, especially when storage and processing capacities of the verifier are limited. In this paper, we propose a protocol to establish a hierarchical trust model from a PKI with unidirectional and bidirectional trust relationships. This protocol makes more efficient the path validation process since in a hierarchical model, trust relationships are unidirectional and paths are easy to find. In addition, our protocol allows setting a maximum path length, so it can be adapted to the features of users´ terminals.
Keywords :
certification; protocols; public key cryptography; certification path validation process; hierarchical trust model; hybrid architecture; path discovery; public key infrastructure; revocation status checking process; signature verification; Certification; Content addressable storage; Data security; Engineering management; Handwriting recognition; Protocols; Public key; Runtime; Telematics; Web and internet services;
Conference_Titel :
Availability, Reliability and Security, 2006. ARES 2006. The First International Conference on
Print_ISBN :
0-7695-2567-9
DOI :
10.1109/ARES.2006.93
