Certificate Revocation Release Policies

Certificate Revocation Release Policies

Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the Internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this area has concentrated on the tra...

Full description

Saved in:
Bibliographic Details
Main Authors: HU, Nan, Tayi, Giri Kumar, MA, Chengyu, LI, Yingjiu
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2009
Subjects:
Electronic data interchange
Public key infrastructure
certificate revocation list
digital certificate
decision-making
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/791
http://dx.doi.org/10.3233/JCS-2009-0330
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-1790
record_format dspace
spelling sg-smu-ink.sis_research-17902014-02-07T07:27:07Z Certificate Revocation Release Policies HU, Nan Tayi, Giri Kumar MA, Chengyu LI, Yingjiu Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the Internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this area has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real data from VeriSign and suggest a functional form for the probability density function of certificate revocation requests. Exponential distribution function is chosen as it adequately approximates the real data. We then provide an economic model based on which a certificate authority can choose the optimal Certificate Revocation List (CRL) release interval considering the intrinsic properties among different types of certificate services. To conclude we draw some insights by comparing the performance of four different CRL strategies. 2009-03-01T08:00:00Z text https://ink.library.smu.edu.sg/sis_research/791 info:doi/10.3233/JCS-2009-0330 http://dx.doi.org/10.3233/JCS-2009-0330 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Electronic data interchange Public key infrastructure certificate revocation list digital certificate decision-making Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Electronic data interchange
Public key infrastructure
certificate revocation list
digital certificate
decision-making
Information Security
spellingShingle Electronic data interchange
Public key infrastructure
certificate revocation list
digital certificate
decision-making
Information Security
HU, Nan
Tayi, Giri Kumar
MA, Chengyu
LI, Yingjiu
Certificate Revocation Release Policies
description Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the Internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this area has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real data from VeriSign and suggest a functional form for the probability density function of certificate revocation requests. Exponential distribution function is chosen as it adequately approximates the real data. We then provide an economic model based on which a certificate authority can choose the optimal Certificate Revocation List (CRL) release interval considering the intrinsic properties among different types of certificate services. To conclude we draw some insights by comparing the performance of four different CRL strategies.
format text
author HU, Nan
Tayi, Giri Kumar
MA, Chengyu
LI, Yingjiu
author_facet HU, Nan
Tayi, Giri Kumar
MA, Chengyu
LI, Yingjiu
author_sort HU, Nan
title Certificate Revocation Release Policies
title_short Certificate Revocation Release Policies
title_full Certificate Revocation Release Policies
title_fullStr Certificate Revocation Release Policies
title_full_unstemmed Certificate Revocation Release Policies
title_sort certificate revocation release policies
publisher Institutional Knowledge at Singapore Management University
publishDate 2009
url https://ink.library.smu.edu.sg/sis_research/791
http://dx.doi.org/10.3233/JCS-2009-0330
_version_ 1770570716597452800

Similar Items