New adaptive trust models against DDoS: Back-up CA and Mesh PKI

Jaeil Lee, Minsoo Lee, Jabeom Gu, Seoklae Lee, Sehyun Park, Jooseok Song

Research output: Chapter in Book/Report/Conference proceedingChapter

1 Citation (Scopus)

Abstract

Most of Public Key Infrastructures (PKIs) are based on the ITU-T X.509, and the top-down hierarchical structure is extensively employed for the PKI community. However, the prominent drawback of the hierarchical PKI structure is that the CAs can be the target of serious attacks such as Distributed Denial-of-Service (DDoS). In this paper, we present two new models, Back-up CA and Mesh PKI, to cope with such Internet attacks. The proposed Back-up CA sets up an alternative path when an original CA is under attack, consequently improving availability and flexibility. Mesh PKI is a collection of CAs dynamically linked by multiple peer-to-peer cross-certifications. The Mesh PKI is very attractive, not only because they are robust to attacks but also because they help to reduce overall certificate validation time and to balance the load across multiple CAs.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
EditorsChin-Wan Chung, Chong-Kwon Kim, Won Kim, Tok-Wang Ling, Kwan-Ho Song
PublisherSpringer Verlag
Pages731-737
Number of pages7
ISBN (Print)3540404562
DOIs
Publication statusPublished - 2003

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2713
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'New adaptive trust models against DDoS: Back-up CA and Mesh PKI'. Together they form a unique fingerprint.

Cite this