TY - GEN
T1 - Reducing the cost of certificate revocation
T2 - 6th European Workshop on Public Key Services, Applications and Infrastructures, EuroPKI 2009
AU - Ofigsbø, Mona H.
AU - Mjølsnes, Stig Frode
AU - Heegaard, Poul
AU - Nilsen, Leif
PY - 2010
Y1 - 2010
N2 - We investigate how to reduce the cost of certificate revocation in the PKI system of UNINETT (The Internet of Norwegian Universities and Colleges), by analyzing and characterizing existing users' needs and behavior. The focus is on how to reduce the number of revoked certificates and bandwidth consumption in order to achieve better scalability. We distinguish between three main types of revocation mechanisms: list pull, list push, and short validity period. We try to find the optimal parameter values with respect to revocation method, the number of groups, group size, validity period duration, application type access, and certificate security policy. The current user categories are permanent employees, temporary employees and students. This paper analyzes the collected empirical data for how long the users actually stay in the system, and the reasons and frequency of user terminations that require certificate revocations, and then models the consequences for certificate revocation.
AB - We investigate how to reduce the cost of certificate revocation in the PKI system of UNINETT (The Internet of Norwegian Universities and Colleges), by analyzing and characterizing existing users' needs and behavior. The focus is on how to reduce the number of revoked certificates and bandwidth consumption in order to achieve better scalability. We distinguish between three main types of revocation mechanisms: list pull, list push, and short validity period. We try to find the optimal parameter values with respect to revocation method, the number of groups, group size, validity period duration, application type access, and certificate security policy. The current user categories are permanent employees, temporary employees and students. This paper analyzes the collected empirical data for how long the users actually stay in the system, and the reasons and frequency of user terminations that require certificate revocations, and then models the consequences for certificate revocation.
KW - Revocation schemes
KW - architecture
KW - network aspects
KW - policies
KW - scalability
UR - http://www.scopus.com/inward/record.url?scp=78449265237&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-16441-5_4
DO - 10.1007/978-3-642-16441-5_4
M3 - Conference contribution
AN - SCOPUS:78449265237
SN - 3642164404
SN - 9783642164408
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 51
EP - 66
BT - Public Key Infrastructures, Services and Applications - 6th European Workshop, EuroPKI 2009, Revised Selected Papers
Y2 - 10 September 2009 through 11 September 2009
ER -