Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2004.11C.1.021

A New Certificate Validation Method Allowing CAs to Participate the Certificate Path Validation Processing  

Choi, Yeon-Hee (숭실대학교 대학원 컴퓨터학과)
Park, Mi-Og (숭실대학교 대학원 컴퓨터학과)
Jun, Moon-Seog (숭실대학교 컴퓨터학과)
Publication Information
The KIPS Transactions:PartC / v.11C, no.1, 2004 , pp. 21-30 More about this Journal
Abstract
Most applications using the PKI allows a user to execute the certificate validation processing. The efficiency of user system can be declined by the user-side processing resulting the overhead and low speed of the validation processing. Therefore, in this paper, we propose a new certificate validation processing method can decrease the overhead on user by allowing CAs of the hierarchical PKI to participate in the validation processing. Therefore, our proposed scheme can not only reduce the considerable overhead caused by the user-side whole processing without a new implementation of the delegated server but also improve the time spent for the processing by the reduction of the validation processing job on user.
Keywords
Public Key Infrastructure; Certificate Validation; Certificate Path Processing; Certificate Authority;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 심희원, 'DNS를 이용한 상호 연동 및 인증서 검증 방안', http://www.kisa.or.kr/K_trend/KisaNews/200201/focus.html
2 N. A. Nazario, 'Security Policies for the Federal Public Key Infrastructure,' 19th NISSC, October, 1996
3 염흥렬, '<테마특강> 공개키 기반 구조(PKI) 기술 동향', 전자신문 ET news, http://www.etimesi.co.kr/news/detail.html?id = 200102190074
4 R. Housley, W. Polk, D. Solo, 'Internet X.509 Public Key Infrastructure Certificate and CRL Profile,' IETF RFC 2459, January, 1999
5 M. Myers, 'X.509 Internet Public Key Infrastructure, Online Certificate Status Protocol-OCSP,' IETF RFC 2560, June, 1999
6 황보성, '서버기반 인증서 검증', http://www.rootca.or.kr/down/downl/Server%20Based%20Certificate%20Validation.pdf
7 Ambarish Malpani, Paul Hoffman, Russ Housley and Trevor Freeman, 'Simple Certificate Validation Protocol (SCVP),' IETF draft-ietf-pkix-scvp-06.txt, July, 2001
8 염흥렬, 'DPD/DPV기능을 갖는 OCSPv2표준', 표준화동향 특집, http://www.ldsaor.la-/K^trend/KisaNews/200108/standardixation_07.html
9 M. Branchaud, J. Linn, 'Extended Validation Models in PKI : Alternatives and Implications,' 1st Annual PKI Research Workshop--Proceedings, 2001
10 M. Myers, A. Malpani, D. Pinkas, 'X.509 Internet Public Key Infrastructure Online Certificate Status Protocol, version 2,' IETF draft-ietf-pkix-ocspv2-text-01.txt, December, 2002
11 D. Pinkas, 'Certificate Validation Protocol,' IETF draft-ietf-pkix-cvp-01.txt, October, 2002
12 Albert Levi, M.Ufuk Caglayan, 'Analytical performance evaluation of nested certificates,' Performance Evaluation, Vols.36-37, pp.213-232, August, 1999   DOI   ScienceOn
13 ETRI ZONE/R&D News, '세계 최초의 통합형 인증서 검증 시스템(CVS-Certificate Validation System) 개발', http://www.etri.re.kr/news/02-03/etri05.htm