Public key certification providers and e-government assurance agencies. An appraisal of trust on the Internet

2002 ◽  
Author(s):  
F. Galindo
Keyword(s):  
Public Key ◽  
The Internet

scholarly journals Associative Blockchain for Decentralized PKI Transparency

Cryptography ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 14
Author(s):  
Xavier Boyen ◽  
Udyani Herath ◽  
Matthew McKague ◽  
Douglas Stebila
Keyword(s):  
Formal Analysis ◽  
Fraud Detection ◽  
Public Key Infrastructure ◽  
Public Key ◽  
The Internet ◽  
Security Model ◽  
User Adoption ◽  
Browser Extension ◽  
History Of ◽  
Client Side

The conventional public key infrastructure (PKI) model, which powers most of the Internet, suffers from an excess of trust into certificate authorities (CAs), compounded by a lack of transparency which makes it vulnerable to hard-to-detect targeted stealth impersonation attacks. Existing approaches to make certificate issuance more transparent, including ones based on blockchains, are still somewhat centralized. We present decentralized PKI transparency (DPKIT): a decentralized client-based approach to enforcing transparency in certificate issuance and revocation while eliminating single points of failure. DPKIT efficiently leverages an existing blockchain to realize an append-only, distributed associative array, which allows anyone (or their browser) to audit and update the history of all publicly issued certificates and revocations for any domain. Our technical contributions include definitions for append-only associative ledgers, a security model for certificate transparency, and a formal analysis of our DPKIT construction with respect to the same. Intended as a client-side browser extension, DPKIT will be effective at fraud detection and prosecution, even under fledgling user adoption, and with better coverage and privacy than federated observatories, such as Google’s or the Electronic Frontier Foundation’s.

Developing a Public Key Infrastructure for a Secure Regional e-Health Environment

2002 ◽  
Vol 41 (05) ◽  
pp. 414-418 ◽  
Author(s):  
I. Mavridis ◽  
C. Ilioudis ◽  
C. Georgiadis ◽  
G. Pangalos
Keyword(s):  
Health Information ◽  
Low Cost ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
University Hospital ◽  
Public Key ◽  
The Internet ◽  
Regional Health ◽  
Internet Applications ◽  
Regional Health Care

Summary Objectives: Internet technologies provide an attractive infrastructure for efficient and low cost communications in regional health information networks. The advantages provided by the Internet come however with a significantly greater element of risk to the confidentiality and integrity of information. This is because the Internet has been designed primarily to optimize information sharing and interoperability, not security. The main objective of this paper is to propose the exploitation of public-key cryptography techniques to provide adequate security to enable secure healthcare Internet applications. Methods: Public-key cryptography techniques can provide the needed security infrastructure in regional health networks. In the regional health-care security framework presented in this paper, we propose the use of state-of-art Public Key Infrastructure (PKI) technology. Such an e-Health PKI consists of regional certification authorities that are implemented within the central hospitals of each region and provide their services to the rest of the healthcare establishments of the same region. Results: Significant experience in this area has been gained from the implementation of the PKI@AUTH project. Conclusions: The developed PKI infrastructure already successfully provides its security services to the AHEPA university hospital. The same infrastructure is designed to easily support a number of hospitals participating in a regional health information network.

scholarly journals Study A Public Key in RSA Algorithm

2020 ◽  
Vol 5 (4) ◽  
pp. 395-398
Author(s):  
Taleb Samad Obaid
Keyword(s):  
Private Information ◽  
Original Data ◽  
Prime Numbers ◽  
Public Key ◽  
The Internet ◽  
Sensitive Information ◽  
Rsa Algorithm ◽  
Encryption And Decryption ◽  
Main Disadvantage ◽  
Encryption Decryption

To transmit sensitive information over the unsafe communication network like the internet network, the security is precarious tasks to protect this information. Always, we have much doubt that there are more chances to uncover the information that is being sent through network terminals or the internet by professional/amateur parasitical persons. To protect our information we may need a secure way to safeguard our transferred information. So, encryption/decryption, stenographic and vital cryptography may be adapted to care for the required important information. In system cryptography, the information transferred between both sides sender/receiver in the network must be scrambled using the encryption algorithm. The second side (receiver) should be outlook the original data using the decryption algorithms. Some encryption techniques applied the only one key in the cooperation of encryption and decryption algorithms. When the similar key used in both proceeds is called symmetric algorithm. Other techniques may use two different keys in encryption/decryption in transferring information which is known as the asymmetric key.  In general, the algorithms that implicated asymmetric keys are much more secure than others using one key.   RSA algorithm used asymmetric keys; one of them for encryption the message, and is known as a public key and another used to decrypt the encrypted message and is called a private key. The main disadvantage of the RSA algorithm is that extra time is taken to perform the encryption process. In this study, the MATLAB library functions are implemented to achieve the work. The software helps us to hold very big prime numbers to generate the required keys which enhanced the security of transmitted information and we expected to be difficult for a hacker to interfere with the private information. The algorithms are implemented successfully on different sizes of messages files.

Implementasi BGP dan Resource Public Key Infrastructure menggunakan BIRD untuk Keamanan Routing

2021 ◽  
Vol 5 (6) ◽  
pp. 1161-1170
Author(s):  
Valen Brata Pranaya ◽  
Theophilus Wellem
Keyword(s):  
Autonomous Systems ◽  
Public Key Infrastructure ◽  
Digital Certificate ◽  
Public Key ◽  
The Internet ◽  
Certification Authority ◽  
Internet Routing ◽  
Internet Connectivity ◽  
Routing Security ◽  
Bgp Routing

The validity of the routing advertisements sent by one router to another is essential for Internet connectivity. To perform routing exchanges between Autonomous Systems (AS) on the Internet, a protocol known as the Border Gateway Protocol (BGP) is used. One of the most common attacks on routers running BGP is prefix hijacking. This attack aims to disrupt connections between AS and divert routing to destinations that are not appropriate for crimes, such as fraud and data breach. One of the methods developed to prevent prefix hijacking is the Resource Public Key Infrastructure (RPKI). RPKI is a public key infrastructure (PKI) developed for BGP routing security on the Internet and can be used by routers to validate routing advertisements sent by their BGP peers. RPKI utilizes a digital certificate issued by the Certification Authority (CA) to validate the subnet in a routing advertisement. This study aims to implement BGP and RPKI using the Bird Internet Routing Daemon (BIRD). Simulation and implementation are carried out using the GNS3 simulator and a server that acts as the RPKI validator. Experiments were conducted using 4 AS, 7 routers, 1 server for BIRD, and 1 server for validators, and there were 26 invalid or unknown subnets advertised by 2 routers in the simulated topology. The experiment results show that the router can successfully validated the routing advertisement received from its BGP peer using RPKI. All invalid and unknown subnets are not forwarded to other routers in the AS where they are located such that route hijacking is prevented.  

scholarly journals PKI4IoT: Towards public key infrastructure for the Internet of Things

2020 ◽  
Vol 89 ◽  
pp. 101658 ◽  
Author(s):  
Joel Höglund ◽  
Samuel Lindemer ◽  
Martin Furuhed ◽  
Shahid Raza
Keyword(s):  
Internet Of Things ◽  
Public Key Infrastructure ◽  
Public Key ◽  
The Internet ◽  
The Internet Of Things

scholarly journals Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker

2017 ◽  
Vol 2017 ◽  
pp. 1-23 ◽  
Author(s):  
Ahmad Samer Wazan ◽  
Romain Laborde ◽  
David W. Chadwick ◽  
Francois Barrere ◽  
Abdelmalek Benzekri ◽  
...  
Keyword(s):  
Trust Management ◽  
Trust Model ◽  
Third Party ◽  
Public Key ◽  
The Internet ◽  
Certification Authority ◽  
Policies And Procedures ◽  
Implementation Approach ◽  
Processing Resources

A Public Key Infrastructure (PKI) is considered one of the most important techniques used to propagate trust in authentication over the Internet. This technology is based on a trust model defined by the original X.509 (1988) standard and is composed of three entities: the certification authority (CA), the certificate holder (or subject), and the Relying Party (RP). The CA plays the role of a trusted third party between the certificate holder and the RP. In many use cases, this trust model has worked successfully. However, we argue that the application of this model on the Internet implies that web users need to depend on almost anyone in the world in order to use PKI technology. Thus, we believe that the current TLS system is not fit for purpose and must be revisited as a whole. In response, the latest draft edition of X.509 has proposed a new trust model by adding new entity called the Trust Broker (TB). In this paper, we present an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates. This is related to the quality of the CA’s policies and procedures and its commitment to them. Finally, we present our Trust Broker implementation that demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.

ARCN: Authenticated Routing on Cloud Network to Mitigate Insider Attacks on Infrastructure as a Service

2019 ◽  
Vol 16 (9) ◽  
pp. 3945-3954
Author(s):  
Priya Oberoi ◽  
Sumit Mittal ◽  
Rajneesh Kumar Gujral
Keyword(s):  
Research Work ◽  
Public Key Cryptography ◽  
Public Key ◽  
The Internet ◽  
Security Attacks ◽  
Infrastructure As A Service ◽  
Security Vulnerabilities ◽  
The Public ◽  
Prime Concern ◽  
Cloud Network

Cloud security is one of the major issues which are affecting the acceptance of Cloud computing (CC). In spite of the number of benefits offered by CC, it also suffers from a myriad of security vulnerabilities. Security is the prime concern while we are accessing the resources from the Cloud through the Internet. This research work is primarily on IAAS (Infrastructure as a service). Here a protocol called Authenticated Routing on Cloud Network (ARCN) has been proposed, to secure the communication route between the client and service provider. The proposed protocol ARCN uses the public key cryptography to mitigate the various security attacks like malicious insider attacks, Spoofing, Falsified routes, DoS, etc.

Sign in / Sign up

Export Citation Format

Share Document