
An Interdomain PKI Model Based on Trust Lists

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC, volume 4582)

Abstract

The penetration of PKI technology in the market is moving slowly due to interoperability concerns. The main causes are not technical but political and social, since there is no trust development model that appropriately deals with multidomain PKIs. We propose a new architecture that, on one hand, considers that trust is not a homogeneous property but is tied to a particular relation and, on the other hand, that trust management must be performed through specialized entities that can evaluate its risks and threats. The model is based on trust certificate lists that allow users to hold a personalized trust view without having to get involved in technical details. The model dynamically adapts to context changes thanks to a new certificate extension we have called TrustProviderLink (TPL).

Keywords

  • trust lists
  • reliability in PKI
  • interoperability
  • certificate extension



Editor information

Javier Lopez, Pierangela Samarati, Josep L. Ferrer

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rifà-Pous, H., Herrera-Joancomartí, J. (2007). An Interdomain PKI Model Based on Trust Lists. In: Lopez, J., Samarati, P., Ferrer, J.L. (eds) Public Key Infrastructure. EuroPKI 2007. Lecture Notes in Computer Science, vol 4582. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73408-6_4

  • DOI: https://doi.org/10.1007/978-3-540-73408-6_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-73407-9

  • Online ISBN: 978-3-540-73408-6

  • eBook Packages: Computer Science, Computer Science (R0)
