Distributed Public Key Certificate-Issuing Infrastructure for Consortium Certificate Authority Using Distributed Ledger Technology
نویسندگان
چکیده
With the development of cloud services and Internet Things, integration heterogeneous systems is becoming increasingly complex. Identity management important in coordination various systems, public key infrastructure (PKI) widely known as an identity methods. In PKI, a certificate authority (CA) acts trust point to guarantee entities such users, devices, services. However, traditional CAs that delegate operations specific organization are not always suitable for services, new methodology required enable multiple stakeholders securely cooperatively operate CA. this study, we introduce concept consortium CA propose distributed certificate-issuing realizes The proposed enables organizations involving stakeholders. We identify four requirements cooperative operation design with ledger technology. Furthermore, present implementation smart contracts Hyperledger Fabric prove satisfies requirements. Finally, confirm issuance verification stable at approximately 4 3 ms, respectively.
منابع مشابه
Alternative Certificate Formats for the Public-Key Infrastructure Using X.509 (PKIX) Certificate Management Protocols
This document is not a candidate for any level of Internet Standard. The IETF disclaims any knowledge of the fitness of this document for any purpose, and in particular notes that it has not had IETF review for such things as security, congestion control, or inappropriate interaction with deployed protocols. The RFC Editor has chosen to publish this document at its discretion. Readers of this d...
متن کاملDistributed Certificate Authority in Cluster-based Ad hoc networks
The need to secure communication in ad hoc network is extremely challenging because of the dynamic nature of the network and the lack of centralized management. This makes public key cryptographic services particularly difficult to support. We propose a distributed certificate authority intended for deployment in an NTDR cluster-based architecture. We also outline procedures for maintaining thi...
متن کاملECPV: Efficient Certificate Path Validation in Public-key Infrastructure
In the current public-key infrastructure (PKI) schemes based on X.509, a relying party must validate a user’s certificate as well as the existence of a path from its trust points to the CA of the certificate. The latter part is referred to as certificate path validation. In this paper, we suggest an efficient certificate path validation scheme (ECPV) that employs delegation with efficient compu...
متن کاملInternet X.509 Public Key Infrastructure Certificate and CRL Profile
Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This memo profiles the X.509 v3 ...
متن کاملInternet X.509 Public Key Infrastructure Certificate Management Protocol (CMP)
Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes the Inte...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Security and Communication Networks
سال: 2023
ISSN: ['1939-0122', '1939-0114']
DOI: https://doi.org/10.1155/2023/9559439