Geographic server distribution model for key revocation

Telecommunication Systems

Volumn 44, Issue 3-4, 2010, Pages 281-295

  Misra, Sudip ^a   Goswami, Sumit ^a   Pathak, Gyan Prakash ^a   Shah, Nirav ^a   Woungang, Isaac ^b  

^a INDIAN INSTITUTE OF TECHNOLOGY   (India)

^b RYERSON UNIVERSITY   (Canada)

Author keywords

Certifying authority; Geographic server distribution; Key revocation; Public Key Infrastructure; Strongest availability zone

Indexed keywords

AUTHENTICATION SERVERS; DISTRIBUTED MODELS; DISTRIBUTION MODELS; GAIN INFORMATION; KEY AUTHENTICATION; KEY DISTRIBUTION; KEY MANAGEMENT; KEY REVOCATION; NETWORK SERVICES; PUBLIC KEY INFRASTRUCTURE; REVOCATION MECHANISM; SECURITY AND PERFORMANCE; SERVICE AVAILABILITY;

AUTHENTICATION; KEYS (FOR LOCKS); LEGACY SYSTEMS; MANAGEMENT INFORMATION SYSTEMS; SECURITY OF DATA;

PUBLIC KEY CRYPTOGRAPHY;

EID: 77954886398     PISSN: 10184864     EISSN: 15729451     Source Type: Journal    
DOI: 10.1007/s11235-009-9254-x     Document Type: Article

References (39)

1. Maurer, U. (2004). New approaches to digital evidence. Proceedings of the IEEE, 92 (6), 933-947.
2. The World Internet Security Company (2008). http://www1.wisekey.com/ products/. Last accessed 16th August (2008).
3. The Controller of Certifying Authority (2008). http://www.cca.gov.in. Last accessed 21st August (2008).
4. The National Informatics Centre (2008). Certifying Authority, http://nicca.nic.in/index.jsp. Last accessed 21st August (2008).
5. The Tata Consultancy Services (2008). Certifying Authority, http://www.tcs-ca.tcs.co.in. Last accessed 21st August (2008).
6. Hong, D., & Kang, J. (2005). An efficient key distribution scheme with self-healing property. IEEE Communications Letters, 9 (8), 759-761.
7. Vanrenen, G., & Smith, S. (2004). Distributing security-mediated PKI. In LNCS: Vol. 3093. Proc. 1st European PKI workshop (EuroPKI 2004) (pp. 218-231). Berlin: Springer.
8. Wohlmacher, P. (2000). Digital certificates: a survey of revocation methods. In Proceedings of the 2000 ACM workshops on multimedia 2000 (pp. 111-114). Los Angeles, California, United States.
9. Kocher, P. (1998). On certificate revocation and validation. In LNCS. Proc. Int. Conf. Financial Cryptography. Berlin: Springer.
10. Zheng, P. (2003). Tradeoffs in certificate revocation schemes. ACM SIGCOMM Computer Communication Review, 33 (2), 103-112.
11. Myer, M. (1998). Revocation: options and challenges. In Lecture Notes in Computer Science. Proc. financial cryptography: second international conference, FC'98, British West Indies, 23-25 February 1998 (pp. 165-171). Berlin: Springer.
12. Lo, C. M., Hwang, T., & Li, C. M. (2007). Revocation-free publickey encryption based on security-mediated public-key infrastructure. IET Information Security, 1 (3), 134-141.
13. Boneh, D., Ding, X., Tsudik, G., & Wong, M. (2001). A method for fast revocation of public key certificates and security capabilities. In Proc. 10th USENIX security symposium (pp. 297-308).
14. Al-Riyami, S. S., & Paterson, K. G. (2003). Certificateless public key cryptography. In LNCS: Vol. 2894. Advances in cryptology-Asiacrypt'2003 (pp. 452-473). Berlin: Springer.
15. Gentry, C. (2003). Certificate-based encryption and the certificate revocation problem. In LNCS: Vol. 2656. Proc. Eurocrypt 2003 (pp. 272-293). Berlin: Springer.
16. Critchlow, D., & Zhang, N. (2004). Revocation invocation for accountable anonymous PKI certificate trees, computers and communications. In Proceedings of ISCC 2004, 28 June-1 July 2004 (Vol. 1, pp. 386-392).
17. Chow, S. S. M., Boyd, C., & Nieto, J. M. G. (2006). Securitymediated certificate-less cryptography. In Public key cryptography (pp. 508-524).
18. Cooper, D. (1999). A model of certificate revocation. In Proc. fifteenth annual computer security applications conf. (pp. 256-264).
19. Cooper, D. (2000). A more efficient use of delta-CRLs. In IEEE proceedings of the IEEE symposium on security and privacy (pp. 190-202).
20. Naor, M., & Nissim, K. (2000). Certificate revocation and certificate update. IEEE Journal on Selected Areas in Communications, 18 (4), 561-570.
21. McDaniel, P., & Jamin, S. (1998). Key distribution hierarchy. (Technical Report CSE-TR-366-98, EECS). University of Michigan, Ann Arbor.
22. Berta, I. Z., Buttya, L., & Vajda, I. (2005). A framework for the revocation of unintended digital signatures initiated by malicious terminals. IEEE Transactions on Dependable and Secure Computing, 2 (3), 268-272.
23. Dini, G., & Savino, I. M. (2006). An efficient key revocation protocol for wireless sensor networks. In Proceedings of the 2006 international symposium on a world of wireless, mobile and multimedia networks (WoWMoM'06) (pp. 3-5). Buffalo, New York, 26-29 June 2006.
24. Narten, T., Nordmark, E., & Simpson, W. (1998). Neighbour discovery for IP version 6. RFC 2461, December 1998.
25. Libert, B., & Quisquater, J. J. (2003). Efficient revocation and threshold pairing based cryptosystems. In Proc. symp. principles of distributed computing (PODC'2003) (pp. 163-171).
26. Pinkas, B. (2004). Efficient state updates for key management. Proceedings of the IEEE, 92 (6), 910-917.
27. Millen, J. K., & Wright, R. N. (1998). Certificate revocation the responsible way. In Proceedings of computer security, dependability and assurance: from needs to solutions (CSDA'98) (pp. 196-203). Los Alamitos: IEEE Comput. Soc.
28. Jeong, J., Lee, K., Park, J., Lee, H., & Kim, H. (2003). The auto configuration of recursive DNS server and the optimization of DNS name resolution in hierarchical mobile IPv6. In Proc. vehicular technology conference (VTC 2003), Fall 2003 (Vol. 5, pp. 3439-3442).
29. The OPNET IT Guru Academic Edition (2008). http://www.opnet.com/ university-program/itguru-academic-edition/. Last accessed 21st August 2008.
30. Shi, M., Shen, X., Jiang, Y., & Lin, C. (2007). Self-healing groupwise key distribution schemes with time-limited node revocation for wireless sensor networks. IEEE Wireless Communications, 14 (5), 38-46. (Pubitemid 350231652)
31. Clifford, B., Neuman, O., & Theodore, T. (1994). Kerberos: an authentication service for computer networks. IEEE Communications, 32 (9), 33-38.
32. Callas, J., Donnerhacke, L., Finney, H., Shaw, D., & Thayer, R. (2007). OpenPGP message format. RFC 4880, November 2007.
33. Dierks, T., & Allen, C. (1999). The TLS protocol version 1.0. Request for comments: 2246, January 1999.
34. Hunter, B. (2002). Simplifying PKI usage through a client-server architecture and dynamic propagation of certificate paths and repository addresses. In Proceedings of 13th international workshop on database and expert systems applications (pp. 505-510). University of Marseille, France, 2-6 Sept.
35. Finseth, C. (1993). An access control protocol, sometimes called TACACS. RFC1492, July 1993.
36. McDaniel, P., & Jamin, S. (2008) A key scalable distribution hierarchy. http://citeseerx.ist.psu.edu/viewdoc/summary?doi= 10.1.1.50.316. Last accessed 21st August 2008.
37. Kent, S., & Atkinson, R. (1998). IP authentication header. Request for comments: 2402, November 1998.
38. Kent, S., & Atkinson, R. (1998). IP encapsulating security payload (ESP). RFC240, November 1998.
39. Mealling, M. (2002). Dynamic delegation discovery system (DDDS): the domain name system (DNS) database. RFC 3403, October 2002.