Abstract
Authentication of users in an automated business transaction is commonly realized by means of a Public Key Infrastructure (PKI). A PKI is a framework on which the security services are built. Each user or end entity is given a digitally signed data structure called a digital certificate. In a Hierarchical PKI, the certificate path is unidirectional, so certificate path development and validation are simple and straightforward. The Peer-to-Peer (also called Mesh PKI) architecture is one of the most popular PKI trust models and is widely used in automated business transactions, but certificate path verification is very complex since there are multiple paths between users and the certification path is bidirectional. In this paper, we demonstrate the advantage of certificate path verification in Hierarchical PKI based on the forward path construction method over the reverse path construction method with respect to the time requirement. We also propose a novel method to convert a peer-to-peer PKI to a Depth First Search (DFS) spanning tree to simplify the certificate path verification by avoiding multiple paths between users, since the DFS spanning tree equivalent of a peer-to-peer PKI contains only one path between any two Certification Authorities.
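An added sketch of the spanning-tree idea, not the paper's own algorithm or code: a constructed five-CA mesh is reduced to a DFS spanning tree, and the number of loop-free mesh paths between two CAs is compared with the single tree path. The CA names, the cross-certification links, the choice of CA1 as root and the sorted neighbour order are all assumptions made for the illustration.

```python
# Added illustration; CA names and cross-certification links are constructed.
from collections import defaultdict

def build_mesh(cross_certs):
    """Adjacency map: each pair of CAs has cross-certified in both directions."""
    adj = defaultdict(set)
    for a, b in cross_certs:
        adj[a].add(b)
        adj[b].add(a)
    return adj

def dfs_spanning_tree(adj, root):
    """Parent map of a DFS spanning tree; non-tree cross-certificates are dropped."""
    parent = {root: None}
    def visit(ca):
        for peer in sorted(adj[ca]):      # sorted for a deterministic tree
            if peer not in parent:
                parent[peer] = ca
                visit(peer)
    visit(root)
    return parent

def tree_path(parent, src, dst):
    """The single CA path between src and dst, through their common ancestor."""
    def chain(ca):
        out = []
        while ca is not None:
            out.append(ca)
            ca = parent[ca]
        return out
    up, down = chain(src), chain(dst)
    common = next(ca for ca in up if ca in down)
    return up[:up.index(common) + 1] + down[:down.index(common)][::-1]

def count_mesh_paths(adj, src, dst, seen=frozenset()):
    """Number of loop-free paths a path builder could explore in the mesh."""
    if src == dst:
        return 1
    seen = seen | {src}
    return sum(count_mesh_paths(adj, p, dst, seen) for p in adj[src] if p not in seen)

# Constructed mesh: six bidirectional cross-certifications among five CAs.
MESH = build_mesh([("CA1", "CA2"), ("CA1", "CA3"), ("CA2", "CA3"),
                   ("CA2", "CA4"), ("CA3", "CA5"), ("CA4", "CA5")])
TREE = dfs_spanning_tree(MESH, "CA1")     # root choice is an assumption

if __name__ == "__main__":
    print("mesh paths CA4 -> CA2:", count_mesh_paths(MESH, "CA4", "CA2"))
    print("tree path  CA4 -> CA2:", tree_path(TREE, "CA4", "CA2"))
```

In this constructed mesh the tree path from CA4 to CA2 is longer than the direct cross-certificate that the tree discards, so the single remaining path is not necessarily the shortest one.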
Highlights
During automated business transactions, one of the nontrivial security services to be established by a security system is the trust between the participating users.
The purpose of this paper is to show the benefit of certificate path verification using the forward path construction method over the reverse path construction method in Hierarchical Public Key Infrastructure (PKI).
We propose a novel method to convert a Peer-to-Peer PKI to a Depth First Search (DFS) spanning tree to simplify the certificate path verification by avoiding multiple paths between users.
Summary
One of the nontrivial security services to be established by a security system is the trust between the participating users. Trust can be realized by means of a Public Key Infrastructure (PKI). The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates (Mazaher and Roe, 2003). Digital signatures play an essential role for security on the Internet
Vol 1 No 1, April 2010
More From: Journal of Technology Management for Growing Economies