Graded Trust of Certificates and Its Management with Extended Path Validation
スポンサーリンク
概要
- 論文の詳細を見る
In modern information service architectures, many servers are involved in service building, in which servers must rely on the information provided by other servers thereby creating a trust. This trust relation is central to building services in distributed environments, and is closely related to information security. Almost every standard on information security is concerned with the internal control of an organization, and particularly with authentication. In this paper, we focus on a trust model of certificate authentication. Conventionally, a trust model of certificates is defined as a validation of chains of certificates. However, today, this trust model does not function well because of the fragmentation problem caused by complexities of paths and by fine a requirement at security levels. In this paper, we propose “dynamic path validation” together with another trust model of PKI for controlling this situation. First, we propose Policy Authority. Policy Authority assigns a level of compliance (LoC) to CAs in its trust domain. LoC is evaluated in terms of the certificate common criteria of Policy Authority. Moreover, it controls the path building with considerations of LoC. Therefore, we can flexibly evaluate levels of CP/CPSs in a single server. In a typical bridge model, we need as many bridge CAs as the number of required levels of CP/CPSs. In our framework, instead, we can do the same task in a single server, by which we can save costs of maintaining lists of trust anchors at multiple levels.
論文 | ランダム
- 顔面神経及び顔面筋の加齢変化についての検討 : 皺の定量的判定と加齢変化を中心にして
- ベル麻痺およびハント症候群の保存的治療成績 : 過去15年間のステロイド大量療法を中心として
- 当科における鼓室形成術の術後聴力成績 : 伝音再建材料による検討
- 頭頸部癌における Dihydropyrimidine Dehydrogenase, Thymidylate Synthase, Orotate Phosphoribosyl Transferase の発現と臨床病理学的因子に関する検討
- 植物遺伝子の魅力 : 生物工学分野への応用(第62回大会シンポジウム報告)