Abstract
A Public Key Infrastructure (PKI) using a certificate has already been widely used in a variety of fields for the provision of security service. Accordingly a Certification Authority (CA) that issues a certificate must securely construct a Certification Authority System and manage it. It is significantly important for a CA to ensure its service to continue to operate properly by preparing for any disaster caused by a CA’s private key compromise no matter what the cause is.
In this paper, we provide the definitions of PKI disaster recovery and PKI business continuity, which are more clear and specific than ever before. We also present three requirements for a PKI model preparing for a disaster. Then we propose a PKI model that ensures business continuity in the event of a disaster in which a CA key is exposed. It is easily applied to the existing PKI structure. We stress that the proposed PKI model in this paper is the first to ensure both applicability to the existing models and business continuity in the event of a disaster.
This research was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC(Information Technology Research Center) support program supervised by the IITA(Institute of Information Technology Assessment).
An erratum to this chapter can be found at http://dx.doi.org/10.1007/11915034_125.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Abdalla, M., Reyzin, L.: A New Forward-Secure Digital Signature Scheme. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 116–129. Springer, Heidelberg (2000)
Anderson, R.: Invited lecture. In: Fourth Annual Conference on Computer and Communications Security, ACM Press, New York (1997)
Bellare, M., Sara, K., Miner, A.: Forward-Secure Digital Signature Scheme. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431–448. Springer, Heidelberg (1999)
Koga, S., Sakuarai, K.: Decentralization Methods of Certification Authority Using the Digital Signature Schemes. In: 2nd Annual PKI Research Workshop-Pre-proceedings (2003)
Krawczyk, H.: Simple Forward-Secure Signature’s From Any Signature Scheme. In: 7th ACN Conference on Computer and Communications Security (2000)
Le, Z., Ouyang, Y., Ford, J., Makedon, F.: A Hierarchical Key-Insulated Signature Scheme in the CA Trust Model. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 280–291. Springer, Heidelberg (2004)
Malkin, T., Micciancio, D., Miner, S.: Efficient Generic Forward-Secure Signatures With An Unbounded Number Of Time Periods. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, Springer, Heidelberg (2002)
Tzvetkov, V.: Disaster coverable PKI model based on Majority Trust principle. In: Proceedings of the international Conference on Information Technology: Coding and Computing (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, B.M., Choi, K.Y., Lee, D.H. (2006). Disaster Coverable PKI Model Utilizing the Existing PKI Structure. In: Meersman, R., Tari, Z., Herrero, P. (eds) On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops. OTM 2006. Lecture Notes in Computer Science, vol 4277. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11915034_77
Download citation
DOI: https://doi.org/10.1007/11915034_77
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-48269-7
Online ISBN: 978-3-540-48272-7
eBook Packages: Computer ScienceComputer Science (R0)