Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker. (9th February 2017)
- Record Type:
- Journal Article
- Title:
- Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker. (9th February 2017)
- Main Title:
- Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker
- Authors:
- Wazan, Ahmad Samer
Laborde, Romain
Chadwick, David W.
Barrere, Francois
Benzekri, Abdelmalek
Kaiiali, Mustafa
Habbal, Adib - Other Names:
- Masucci Barbara Academic Editor.
- Abstract:
- Abstract : A Public Key Infrastructure (PKI) is considered one of the most important techniques used to propagate trust in authentication over the Internet. This technology is based on a trust model defined by the original X.509 (1988) standard and is composed of three entities: the certification authority (CA), the certificate holder (or subject), and the Relying Party (RP). The CA plays the role of a trusted third party between the certificate holder and the RP. In many use cases, this trust model has worked successfully. However, we argue that the application of this model on the Internet implies that web users need to depend on almost anyone in the world in order to use PKI technology. Thus, we believe that the current TLS system is not fit for purpose and must be revisited as a whole. In response, the latest draft edition of X.509 has proposed a new trust model by adding new entity called the Trust Broker (TB). In this paper, we present an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates. This is related to the quality of the CA's policies and procedures and its commitment to them. Finally, we present our Trust Broker implementation that demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.
- Is Part Of:
- Security and communication networks. Volume 2017(2017)
- Journal:
- Security and communication networks
- Issue:
- Volume 2017(2017)
- Issue Display:
- Volume 2017, Issue 2017 (2017)
- Year:
- 2017
- Volume:
- 2017
- Issue:
- 2017
- Issue Sort Value:
- 2017-2017-2017-0000
- Page Start:
- Page End:
- Publication Date:
- 2017-02-09
- Subjects:
- Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122 ↗
https://www.hindawi.com/journals/scn/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1155/2017/6907146 ↗
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 23565.xml