Published in: Knowledge and Information Systems 2/2015

01.05.2015 | Regular Paper

A model for revocation forecasting in public-key infrastructures

Authors: Carlos Gañán, Jorge Mata-Díaz, Jose L. Muñoz, Oscar Esparza, Juanjo Alins


Abstract

One of the hardest tasks of a certification infrastructure is managing revocation. This process consists of collecting the revocation status of certificates and making it available to users. Research on this topic has focused on the trade-offs that different revocation mechanisms offer. Much less effort has been devoted to understanding and modeling real-world revocation processes. For this reason, in this paper, we present a novel analysis of revocation data collected in the real world and we propose a revocation prediction model. The model uses an autoregressive integrated moving average model. Our prediction model enables certification authorities to forecast the number of revoked certificates in the short term.

Footnotes
1
Note that this survey mainly operates a crawler that finds and reports on the SSL certificates it locates in the wild. Hence, we only use these data to corroborate that we are covering most of the SSL market.
 
Metadata
Title
A model for revocation forecasting in public-key infrastructures
Authors
Carlos Gañán
Jorge Mata-Díaz
Jose L. Muñoz
Oscar Esparza
Juanjo Alins
Publication date
01.05.2015
Publisher
Springer London
Published in
Knowledge and Information Systems / Issue 2/2015
Print ISSN: 0219-1377
Electronic ISSN: 0219-3116
DOI
https://doi.org/10.1007/s10115-014-0735-1
