Results 1 -
4 of
4
On the Effectiveness of DNS-based Server Selection
- In Proceedings of IEEE Infocom
, 2001
"... ..."
Windowed Certificate Revocation
- in Proceedings of IEEE Infocom 2000
, 2000
"... Abstract—The advent of electronic commerce and personal communi-cations on the Internet heightens concerns over the lack of privacy and security. Network services providing a wide range of security related guar-antees are increasingly based on public key certificates. A fundamental problem inhibitin ..."
Abstract
-
Cited by 14 (1 self)
- Add to MetaCart
Abstract—The advent of electronic commerce and personal communi-cations on the Internet heightens concerns over the lack of privacy and security. Network services providing a wide range of security related guar-antees are increasingly based on public key certificates. A fundamental problem inhibiting the wide acceptance of existing certificate distribution services is the lack of a scalable certificate revocation mechanism. We argue in this paper that the resource requirements of extant revocation mechanisms place significant burden on certificate servers and network re-sources. We propose a novel mechanism called windowed revocation that satisfies the security policies and requirements of existing mechanisms and, at the same time, reduces the burden on certificate servers and network resources. We include a proof of correctness of windowed revocation and analyze worst case performance scenarios. I.
Addressing Weaknesses in the Domain Name System Protocol
, 1993
"... Schuba, Christoph. M.S., Purdue University, August 1993. Addressing Weaknesses in the Domain Name System Protocol. Major Professor: Eugene H. Spafford. ..."
Abstract
-
Cited by 13 (1 self)
- Add to MetaCart
Schuba, Christoph. M.S., Purdue University, August 1993. Addressing Weaknesses in the Domain Name System Protocol. Major Professor: Eugene H. Spafford.
A Scalable Key Distribution Hierarchy
"... As the use of the Internet for electronic commerce, audio and video conferencing, and other applications with sensitive content grows, the need for secure services becomes critical. Central to the success of these services is the support for secure public key distribution. Although there are several ..."
Abstract
-
Cited by 8 (3 self)
- Add to MetaCart
As the use of the Internet for electronic commerce, audio and video conferencing, and other applications with sensitive content grows, the need for secure services becomes critical. Central to the success of these services is the support for secure public key distribution. Although there are several existing services available for this purpose, they are not very scalable, either because they depend on a centralized server or rely on ad hoc trust relationships. In this paper, we present and examine a flexible approach to certificate distribution scalable to arbitrarily large networks. We propose a two level hierarchy where certificates can be independently authenticated by one or more peer authorities, called keyservers. Certificates for end-user and host entities are managed within local domains, called enterprises. By administering certificates close to the source, we reduce the load on the key servers and the effects of network topology changes. We describe the design of our system ...
