An application of efficient certificate status handling methods to high traffic authentication services
Faldella E.; Prandini M.
2003
Abstract
Most organizations show a strong interest in digital signature technology as a means for secure and authenticated document exchange, hoping that it helps reduce paper-based transactions. The main problem posed by this technology is with the necessary public-key infrastructure, and in particular with certificate status handling. Rather than addressing the revocation problem in general, a specific but interesting aspect is discussed here: secure identification of a large number of users (like citizens for a public administration) accessing a wide pool of services. This paper describes the definition and deployment of a web-based environment suitable for offering administrative services to citizens and for accepting authenticated documents from citizens. The best features of two different certificate status handling schemes, the standard CRL and a novel on-line scheme, have been exploited within this environment to obtain a good balance between security, timeliness and efficiency. © 2003 IEEE.