DocumentCode
475745
Title
An Improved Delta and Over-issued Certificate Revocation Mechanism
Author
Zhang, Shaomin ; Wang, Haijiao
Author_Institution
Sch. of Comput., North China Electr. Power Univ., Baoding
Volume
2
fYear
2008
fDate
3-4 Aug. 2008
Firstpage
346
Lastpage
350
Abstract
With the increasing acceptance of digital certificates, how to find and revoke digital certificate which has been stopped has been become more and more important, which can avoid huge economic losses to end-user. At present the most popular choice is the use of lightweight directory access protocol (LDAP) directory server to issue the certificate revocation list (CRL). Based on the analysis of the certificate storage and publish in LDAP server, a new and more efficient certificate revocation mechanism is proposed in this paper. The new mechanism integrates Delta and over-issued CRL and windowed certificate revocation mechanism, which satisfies the scalability and flexibility requirements of certificate revocation mechanism, at the same time, and can provide near real-time certificate status when required. The design and performance of the new mechanism are analyzed in detail. CRL is organized in the form of binary sort tree structure in LDAP, which satisfies the query of the revocation of certificates rapidly in LDAP.
Keywords
access protocols; certification; public key cryptography; sorting; tree data structures; LDAP server; binary sort tree structure; certificate revocation list; certificate revocation mechanism; certificate storage; digital certificates; directory server; lightweight directory access protocol; Access protocols; Communication system control; Digital audio players; Energy management; Internet; Large-scale systems; Performance analysis; Power generation economics; Scalability; Tree data structures;
fLanguage
English
Publisher
ieee
Conference_Titel
Computing, Communication, Control, and Management, 2008. CCCM '08. ISECS International Colloquium on
Conference_Location
Guangzhou
Print_ISBN
978-0-7695-3290-5
Type
conf
DOI
10.1109/CCCM.2008.364
Filename
4609704
Link To Document