New adaptive trust models against DDoS: Back-up CA and Mesh PKI

Jaeil Lee; Minsoo Lee; Jabeom Gu; Seoklae Lee; Sehyun Park; Jooseok Song

doi:10.1007/3-540-45036-x_83

New adaptive trust models against DDoS: Back-up CA and Mesh PKI

Jaeil Lee, Minsoo Lee, Jabeom Gu, Seoklae Lee, Sehyun Park, Jooseok Song

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Chapter

1 Citation (Scopus)

Abstract

Most of Public Key Infrastructures (PKIs) are based on the ITU-T X.509, and the top-down hierarchical structure is extensively employed for the PKI community. However, the prominent drawback of the hierarchical PKI structure is that the CAs can be the target of serious attacks such as Distributed Denial-of-Service (DDoS). In this paper, we present two new models, Back-up CA and Mesh PKI, to cope with such Internet attacks. The proposed Back-up CA sets up an alternative path when an original CA is under attack, consequently improving availability and flexibility. Mesh PKI is a collection of CAs dynamically linked by multiple peer-to-peer cross-certifications. The Mesh PKI is very attractive, not only because they are robust to attacks but also because they help to reduce overall certificate validation time and to balance the load across multiple CAs.

Original language	English
Title of host publication	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Editors	Chin-Wan Chung, Chong-Kwon Kim, Won Kim, Tok-Wang Ling, Kwan-Ho Song
Publisher	Springer Verlag
Pages	731-737
Number of pages	7
ISBN (Print)	3540404562
DOIs	https://doi.org/10.1007/3-540-45036-x_83
Publication status	Published - 2003

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2713
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/3-540-45036-x_83

Cite this

Lee, J., Lee, M., Gu, J., Lee, S., Park, S., & Song, J. (2003). New adaptive trust models against DDoS: Back-up CA and Mesh PKI. In C-W. Chung, C-K. Kim, W. Kim, T-W. Ling, & K-H. Song (Eds.), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (pp. 731-737). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2713). Springer Verlag. https://doi.org/10.1007/3-540-45036-x_83

Lee, Jaeil ; Lee, Minsoo ; Gu, Jabeom ; Lee, Seoklae ; Park, Sehyun ; Song, Jooseok. / New adaptive trust models against DDoS : Back-up CA and Mesh PKI. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). editor / Chin-Wan Chung ; Chong-Kwon Kim ; Won Kim ; Tok-Wang Ling ; Kwan-Ho Song. Springer Verlag, 2003. pp. 731-737 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inbook{e16f4f1607b24ee7869b395af220ff7c,

title = "New adaptive trust models against DDoS: Back-up CA and Mesh PKI",

abstract = "Most of Public Key Infrastructures (PKIs) are based on the ITU-T X.509, and the top-down hierarchical structure is extensively employed for the PKI community. However, the prominent drawback of the hierarchical PKI structure is that the CAs can be the target of serious attacks such as Distributed Denial-of-Service (DDoS). In this paper, we present two new models, Back-up CA and Mesh PKI, to cope with such Internet attacks. The proposed Back-up CA sets up an alternative path when an original CA is under attack, consequently improving availability and flexibility. Mesh PKI is a collection of CAs dynamically linked by multiple peer-to-peer cross-certifications. The Mesh PKI is very attractive, not only because they are robust to attacks but also because they help to reduce overall certificate validation time and to balance the load across multiple CAs.",

author = "Jaeil Lee and Minsoo Lee and Jabeom Gu and Seoklae Lee and Sehyun Park and Jooseok Song",

year = "2003",

doi = "10.1007/3-540-45036-x_83",

language = "English",

isbn = "3540404562",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "731--737",

editor = "Chin-Wan Chung and Chong-Kwon Kim and Won Kim and Tok-Wang Ling and Kwan-Ho Song",

booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

address = "Germany",

}

Lee, J, Lee, M, Gu, J, Lee, S, Park, S & Song, J 2003, New adaptive trust models against DDoS: Back-up CA and Mesh PKI. in C-W Chung, C-K Kim, W Kim, T-W Ling & K-H Song (eds), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2713, Springer Verlag, pp. 731-737. https://doi.org/10.1007/3-540-45036-x_83

New adaptive trust models against DDoS : Back-up CA and Mesh PKI. / Lee, Jaeil; Lee, Minsoo; Gu, Jabeom; Lee, Seoklae; Park, Sehyun; Song, Jooseok.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). ed. / Chin-Wan Chung; Chong-Kwon Kim; Won Kim; Tok-Wang Ling; Kwan-Ho Song. Springer Verlag, 2003. p. 731-737 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2713).

Research output: Chapter in Book/Report/Conference proceeding › Chapter

TY - CHAP

T1 - New adaptive trust models against DDoS

T2 - Back-up CA and Mesh PKI

AU - Lee, Jaeil

AU - Lee, Minsoo

AU - Gu, Jabeom

AU - Lee, Seoklae

AU - Park, Sehyun

AU - Song, Jooseok

PY - 2003

Y1 - 2003

N2 - Most of Public Key Infrastructures (PKIs) are based on the ITU-T X.509, and the top-down hierarchical structure is extensively employed for the PKI community. However, the prominent drawback of the hierarchical PKI structure is that the CAs can be the target of serious attacks such as Distributed Denial-of-Service (DDoS). In this paper, we present two new models, Back-up CA and Mesh PKI, to cope with such Internet attacks. The proposed Back-up CA sets up an alternative path when an original CA is under attack, consequently improving availability and flexibility. Mesh PKI is a collection of CAs dynamically linked by multiple peer-to-peer cross-certifications. The Mesh PKI is very attractive, not only because they are robust to attacks but also because they help to reduce overall certificate validation time and to balance the load across multiple CAs.

AB - Most of Public Key Infrastructures (PKIs) are based on the ITU-T X.509, and the top-down hierarchical structure is extensively employed for the PKI community. However, the prominent drawback of the hierarchical PKI structure is that the CAs can be the target of serious attacks such as Distributed Denial-of-Service (DDoS). In this paper, we present two new models, Back-up CA and Mesh PKI, to cope with such Internet attacks. The proposed Back-up CA sets up an alternative path when an original CA is under attack, consequently improving availability and flexibility. Mesh PKI is a collection of CAs dynamically linked by multiple peer-to-peer cross-certifications. The Mesh PKI is very attractive, not only because they are robust to attacks but also because they help to reduce overall certificate validation time and to balance the load across multiple CAs.

UR - http://www.scopus.com/inward/record.url?scp=26444621174&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26444621174&partnerID=8YFLogxK

U2 - 10.1007/3-540-45036-x_83

DO - 10.1007/3-540-45036-x_83

M3 - Chapter

AN - SCOPUS:26444621174

SN - 3540404562

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 731

EP - 737

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

A2 - Chung, Chin-Wan

A2 - Kim, Chong-Kwon

A2 - Kim, Won

A2 - Ling, Tok-Wang

A2 - Song, Kwan-Ho

PB - Springer Verlag

ER -

Lee J, Lee M, Gu J, Lee S, Park S, Song J. New adaptive trust models against DDoS: Back-up CA and Mesh PKI. In Chung C-W, Kim C-K, Kim W, Ling T-W, Song K-H, editors, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Springer Verlag. 2003. p. 731-737. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/3-540-45036-x_83

New adaptive trust models against DDoS: Back-up CA and Mesh PKI

Abstract

Publication series

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this