Calculating and Evaluating Trustworthiness of Certification Authority

Authors

  • Zakia El Uahhabi
  • Hanan El Bakkali
Abstract

In a public key infrastructure trust model, trust is transferred along a set of certificates issued by certificate authorities (CAs), which are considered trusted third parties, providing a trust chain among its entities. To deserve this trustworthiness, a CA should apply rigorous procedures for generating keys, checking identities, and following reliable security practices. Any deficiency in these procedures may affect its trustworthiness. In this context, some authorities could be weaker than others, so relying parties (RPs) need a mechanism to evaluate CA trustworthiness. In this paper, we provide such a mechanism, giving RPs information about a CA's trustworthiness. We propose a trust level calculation algorithm based on three parameters: the CA reputation, the quality of the procedures described in the certificate policy, and its security maturity level.

Similar resources

Modeling X.509 Certificate Policies Using Description Logics

Public Key Infrastructures are gaining importance in today's IT environment for managing certificates and keys. It is recognized that the quality and trustworthiness of certificates depend to a large extent on the practices and procedures a certification authority applies when issuing certificates. These procedures are documented in certificate policies, which are generally text-based document...

PKI Interoperability by an Independent, Trusted Validation Authority

Interoperability between PKIs (Public Key Infrastructure) is a major issue in several electronic commerce scenarios. This paper suggests an approach based on a trust model where an independent Validation Authority (VA) replaces Certification Authorities (CA) as the trust anchor for the receiver of a PKI certificate (the Relying Party, RP). By trusting the VA, the RP is able to trust all CAs tha...

Web PKI: Closing the Gap between Guidelines and Practices

A string of recent attacks against the global public key infrastructure (PKI) has brought to light weaknesses in the certification authority (CA) system. In response, the CA/Browser Forum, a consortium of certification authorities and browser vendors, published in 2011 a set of requirements applicable to all certificates intended for use on the Web and issued after July 1st, 2012, following the...

Risk and Trust Management Techniques for an “Open but Bounded” Public Key Infrastructure

Establishing trustworthiness requires an analysis of the business, technical and legal requirements for each party to a Public Key Infrastructure (PKI) based transaction. Much of the current discussion about PKI requirements revolves around the license, accreditation, or other sets of ratings as applied to certification authorities (CA). It is becoming apparent that an exclusive focus on CA qua...

Specification of Access Control and Certification Policies for Semantic Web Services

Web service providers specify access control policies to restrict access to their Web services. It turned out that, since the Web is an open, distributed and dynamic environment, in which a central controlling instance cannot be assumed, capability based access control is most suitable for this purpose. However, since practically every participant can certify capabilities defined in his/her own...

Journal title:
  • IJCNIS

Volume 8  Issue 

Pages  -

Publication date 2016