• Title/Summary/Keyword: Validation Server

Search Result 72, Processing Time 0.026 seconds

A New Certificate Path Processing Scheme employed the Trusted CA for improving an efficiency on the Computational Aspect (연산적 측면의 효율성을 향상시키는 신뢰 CA를 이용한 새로운 인증 경로 처리 기법)

  • 최연희;전문석
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.28 no.9C
    • /
    • pp.908-922
    • /
    • 2003
  • The Public Key Infrastructure (PKI) trends to delegate the certificate path processing to the Delegated Path Discovery (DPD) Server and Delegated Path Validation (DPV) server recently. The most critical factor for the selection of the delegated server is to allow the server to be equipped with a high reliability through a low cost, and simple implementation. In this paper, we propose a new certificate path processing scheme employed the trusted CA as the DPD/DPV server by adding the capability of the Validation Authority (VA) to the trusted CA. Since our proposed scheme uses the existing trusted CA as validation server, we can achieve a high trust through a simple implementation for the processing. Besides, we propose an additional scheme for reducing an overhead on the trusted CA. it is obtained by delegating digital signature verification to CAs on the path and by skipping the repeated path processing. As the result, our proposed validation scheme can be performed efficiently with high speed and low computational overhead.

Delegated Attribute Certificate Validation And Protocol (PMI 인증서 검증 위임 및 검증 프로토콜)

  • 이승훈;송주석
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.1
    • /
    • pp.59-67
    • /
    • 2003
  • PMI(Privilege Management Infrastructure) certificates as well as Public-Key certificates must be validated before being used. Validation for a PMI certificate requires PMI certificate path validation, and PKC(Public-Key Certificate) path validations for each entity in the PMI certificate path. This validation work is quite complex and burdened to PMI certificate verifiers. Therefore, this paper suggests a delegated PMI certificate validation that uses specialized validation server, and defines a validation protocol which is used between validation server and client.

A Real-Time Certificate Status Validation Protocol for Reducing the Computational Time in Client and Server - RCSVP (클라이언트와 서버의 연산시간을 줄여주는 실시간 인증서 상태 검증에 관한 연구)

  • Lee Young-Sook;Cho Seok-Hyang;Won Dong-Ho;Lee Young-Gyo
    • The Journal of the Korea Contents Association
    • /
    • v.5 no.2
    • /
    • pp.95-105
    • /
    • 2005
  • As a research on PKI is being very popular, the study relating to certificate status validation is being grown with aim to reduce an overhead of the protocol and to provide an efficient operation. The OCSP of the standard protocol related to the study enables applications to determine the revocation state of an identified certificate. However, the OCSP server can not service millions of certificate status validation requests from clients in a second on E-commerce because of the computational time for signature and verification. So, we propose the Real-time Certificate Status Validation Protocol(RCSVP) that has smaller computational time than OCSP. RCSVP server reduce the computational time of certificate status validation using hash function and common secret value. Also RCSVP client does not need the computational time of certificate verification to acquire the public key from an identified certificate. Therefore, the proposed protocol enables server to response millions of certificate status validation requests from clients in a second on E-commerce.

  • PDF

A Study on the Realtime Cert-Validation of Certification based on DARC (DARC 기반에서의 실시간 인증서 유효성 검증에 관한 연구)

  • 장홍종;이정현
    • Proceedings of the CALSEC Conference
    • /
    • 2001.08a
    • /
    • pp.155-163
    • /
    • 2001
  • There are cases that revoke the certification because of disclosure of private key, deprivation of qualification and the expiration of a term of validity based on PKI. So, a user have to confirm the public key whether valid or invalid in the certification. There are many method such as CRL, Delta-CRL, OCSP for the cert-validation of certification. But these method many problems which are overload traffic on network and the CRL server because of processing for cert-validation of certification. In this paper we proposed the realtime cert-validation of certification method which solved problems that are data integrity by different time between transmission and receiving for CRL, and overload traffic on network and the CRL server based on DARC.

  • PDF

An Efficient Certificate Status and Path Validation System for Client-Server Environment (클라이언트-서버환경에 적합한 효율적인 인증서상태 및 경로검증 시스템)

  • 최영철;박상준;원동호
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.1
    • /
    • pp.99-113
    • /
    • 2003
  • As a research on PKI(Public Key Infrastructure) is being very popular, the study relating to certificate status and path validation is being grown with aim to reduce an overhead of the protocol and to provide an efficient operation. But in spite of a lot of related research there is still almost no protocol that we can use for real-time based client-server environment with large scale like internet banking. In this paper, we shows that the existing standards or protocols are not suitable to be used for such a real-time based client-server environment with large scale, and then proposes an efficient certificate status and path validation system.

A Study of Wireless LAN Cryptosystem for Supporting Realtime Mutual Authentication (실시간 상호인증 지원을 위한 무선랜 보안시스템에 관한 연구)

  • Lee Sang-Ryul
    • Journal of the Korea Society of Computer and Information
    • /
    • v.10 no.5 s.37
    • /
    • pp.161-170
    • /
    • 2005
  • The Certificate Revocation List(CRL) or the Online Certificate Status Protocol(OCSP)has been used to validate certificates. However, the CRL cannot validate certificates in realtime because of the Time-Gap problem and the OCSP server overloads in a large scale secure system. In addition, the client cannot access a wired LAN until the client has been authenticated by the authentication server on the IEEE 802. 1x framework. Therefore, the client cannot validate the authentication server's certificate using a certificate validation server. Thus, the client cannot authenticate the authentication server in realtime. To solve these problems this paper designed a secure system that can protect the content of communications and authenticate users in realtime on a wireless LAN The designed certificate validation protocol was proved that the stability and efficiency of the system was very high, the result of the validation had the presence, the speed of the validation was not affected by the system scale, the number of authorities user must trust was reduced to one, and the overload of the validation server was Protected. And the designed user authentication and key exchange protocols were Proved that the mutual authentication was possible in realtime and the fact of the authentication could be authorized by the CA because of using the authorized certificates.

  • PDF

Design of weighted federated learning framework based on local model validation

  • Kim, Jung-Jun;Kang, Jeon Seong;Chung, Hyun-Joon;Park, Byung-Hoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.27 no.11
    • /
    • pp.13-18
    • /
    • 2022
  • In this paper, we proposed VW-FedAVG(Validation based Weighted FedAVG) which updates the global model by weighting according to performance verification from the models of each device participating in the training. The first method is designed to validate each local client model through validation dataset before updating the global model with a server side validation structure. The second is a client-side validation structure, which is designed in such a way that the validation data set is evenly distributed to each client and the global model is after validation. MNIST, CIFAR-10 is used, and the IID, Non-IID distribution for image classification obtained higher accuracy than previous studies.

A Study on the Realtime Cert-Validation of Certification based on DARC (DARC 기반에서의 실시간 인증서 유효성 검증에 관한 연구)

  • Jang, Heung-Jong;Lee, Seong-Eun;Lee, Jeong-Hyeon
    • The KIPS Transactions:PartC
    • /
    • v.8C no.5
    • /
    • pp.517-524
    • /
    • 2001
  • There are cases that revoke the certification because of disclosure of private key, deprivation of qualification and the expiration of a term of validity based on PKI. So, a user have to confirm the public key whether valid or invalid in the certification. There are many method such as CRL, Delta-CRL, OCSP for the cert-validation of certification. But these method many problems which are overload traffic on network and the CRL server because of processing for cert-validation of certification. In this paper we proposed the realtime cert-validation of certification method which solved problems that are data integrity by different time between transmission and receiving for CRL, and overload traffic on network and the CRL server based on DARC.

  • PDF

Performance Improvement of Cert-Validation of Certification based on FM Subcarrier Broadcasting (FM방식을 이용한 인증서 유효성 검증의 성능 향상)

  • 장홍종;이성은;이정현
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.3
    • /
    • pp.3-13
    • /
    • 2002
  • There are cases that revoke the certification because of disclosure of private key, deprivation of qualification and the expiration of a term of validity on PKI. So, a user has to confirm the public key whether valid or invalid in the certification. There are many methods such as CRL, Delta-CRL, OCSP for the cert-validation of certification. But these methods have many problems, which cause overload traffic on network and the CRL server because of realtime processing for cert-validation of certification. In this paper we proposed cert-validation of certification improvement method based on FM Subcarrier Broadcasting, which solved problems that are data integrity by different time between transmission and receiving for CRL, and overload traffic on network and the CRL server the realtime management.

Validation of Cloud Robotics System in 5G MEC for Remote Execution of Robot Engines (5G MEC 기반 로봇 엔진 원격 구동을 위한 클라우드 로보틱스 시스템 구성 및 실증)

  • Gu, Sewan;Kang, Sungkyu;Jeong, Wonhong;Moon, Hyungil;Yang, Hyunseok;Kim, Youngjae
    • The Journal of Korea Robotics Society
    • /
    • v.17 no.2
    • /
    • pp.118-123
    • /
    • 2022
  • We implemented a real-time cloud robotics application by offloading robot navigation engine over to 5G Mobile Edge Computing (MEC) sever. We also ran a fleet management system (FMS) in the server and controlled the movements of multiple robots at the same time. The mobile robots under the test were connected to the server through 5G SA network. Public 5G network, which is already commercialized, has been temporarily modified to support this validation by the network operator. Robot engines are containerized based on micro-service architecture and have been deployed using Kubernetes - a container orchestration tool. We successfully demonstrated that mobile robots are able to avoid obstacles in real-time when the engines are remotely running in 5G MEC server. Test results are compared with 5G Public Cloud and 4G (LTE) Public Cloud as well.