Using CRL Push Delivery for Efficient Certificate Revocation Information Distribution in Grids
نویسندگان
چکیده
Checking revocation information is necessary to prevent from using digital certificates whose contents become invalid. In current system either periodical retrieval of Certificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP) are the most common mechanisms to access revocation information issued by the certification authorities. As both these approaches pose problems we propose a new method based on a Push model, which is based on the Grid Monitoring Architecture. Using this approach we guarantee the revocation information is distributed in a robust and timely manner. We also describe a pilot implementation of the service based on the proposed design.
منابع مشابه
Intrusion prevention and Message Authentication Protocol (IMAP) using Region Based Certificate Revocation List Method in Vehicular Ad hoc Networks
Vehicular Ad-hoc network uses some advanced Public Key Infrastructure and digital signature method for security. But, intrusion detection and avoidance is an inevitable challenge in networks. Authentication is performed in any PKI (Public Key Infrastructure) system by checking if the certificate of the sender is included in the CRL (Certificate Revocation List) and verifying the authenticity an...
متن کاملDesign of Simple and Efficient Revocation List Distribution in Urban areas for VANET's
Vehicular Ad hoc Networks is one of the most challenging research area in the field of Mobile Ad Hoc Networks, in this research we propose a flexible, simple, and scalable design for revocation list distribution in VANET, which will reduce channel overhead and eliminate the use of CRL. Also it will increase the security of the network and helps in identifying the adversary vehicles. We are prop...
متن کاملA Model of Certificate Revocation
This paper presents a model for the distribution of revocation information using certificate revocation lists (CRLs). This model is used to highlight inefficiencies in the “traditional” method of distributing certificate status information using CRLs. Two alternative CRL-based revocation distribution mechanisms, over-issued CRLs and segmented CRLs, are then presented. The original model is then...
متن کاملCertificate Revocation System Based on Peer-to-Peer CRL Distribution
Secure usage of public key certificates relies on the possibility to revoke such a certificate in certain situations, for example in case its corresponding private key is compromised. The usual approach for providing revocation information is based on Certificate Revocation Lists (CRLs). CRLs need to be downloaded frequently by end-users to insure the timeliness of the revocation information. I...
متن کاملSecure Authentication Using Certificate Revocation List (Crl) and Message Signature in Vanet
A vehicular ad hoc network (VANETs) provides the security through the Public Key Infrastructure (PKI) and Certificate Revocation Lists (CRLs). In any PKI system, the signature of sender and certificate should be verified in CRL list. Also verifying the certificate of the sender then authentication is provided to received message. In this paper, secure hash authentication protocol (SHAP) verifie...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2007