Sciweavers

SRDS
2007
IEEE

Framework for Intrusion Tolerant Certification Authority System Evaluation

14 years 6 months ago
Framework for Intrusion Tolerant Certification Authority System Evaluation
Various intrusion tolerant certification authority (CA) systems have been recently proposed to provide attack resistant certificate update/query services. However, it is difficult to compare them against each other directly due to diversity in system organizations, threshold cryptography schemes, protocols and usage scenarios. We present a framework for intrusion tolerant CA system evaluation, which consists of three components, namely, an intrusion tolerant CA model, a threat model and a metric for comparative evaluation. The framework covers system organizations, protocols, usage scenarios, period of certificate validity, revocation rate and mean time to recovery (MTTR). Based on the framework, four representative CA systems are evaluated and compared in three typical usage scenarios, producing reasonable and insightful results. The inter-dependency between usage scenarios and system characteristics is investigated, providing a guideline to design better systems for different usage ...
Jingqiang Lin, Jiwu Jing, Peng Liu
Added 04 Jun 2010
Updated 04 Jun 2010
Type Conference
Year 2007
Where SRDS
Authors Jingqiang Lin, Jiwu Jing, Peng Liu
Comments (0)