KJC Korea
Journal Central

Journal of The Korea Society of Computer and Information 2021 KCI Impact Factor : 0.62

Korean | English

pISSN : 1598-849X / eISSN : 2383-9945

http://journal.kci.go.kr/jksci

BACK
TOP

Home > Explore Content > All Issues > Article View

10 of 26

A Study on Efficient CRI managing for Certificate Status Validate in Distributed OCSP

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2008, 13(3), pp.91-98

Publisher : The Korean Society Of Computer And Information
Research Area : Computer Science

김경자 ¹, 장태무 ²

¹세종대학교
²동국대학교

ABSTRACT
열림/닫힘 버튼

The conventional CA(Certificate Authority) has problems in dealing with certificates whose valid time is expired and in managing CRI(Certificate Revocation Information) produced by clients. Many researches are conducted to solve them, but they have limitations in providing real-time verifications of certificates’ status for clients. In this paper, we propose a new CRI management model to address these limitations in distributed OCSP(On-line Certificate Status Protocol) environments. CRL(Certificate Revocation List) is divided into two parts: one part that is recent is replicated over several OCSP servers, the other part is replicated and distributed over servers. Our methods can help to break the bottleneck of CA, and effectively reduce the size of CRL transferred. Therefore, with our methods, clients can verify the state of certificates in real time.
KEYWORDS
열림/닫힘 버튼

인증기관(Certificate Authority), 인증서(Certificate), 인증서 취소 목록(Certificate Revocated Lists), OCSP(Online Certificate Status Protocol)

Statistics

195 Viewed

18 Downloaded

Tools

Print this page

Export Citation

Sharing

Issue List

Citation status

KCI Citation Counts (1)
열림/닫힘 버튼
REFERENCES (7)
열림/닫힘 버튼
* 2021년 이후 발행 논문의 참고문헌은 현재 구축 중입니다.

[journal] 이상렬 / 2005 / A Study of Wireless LAN Cryptosystem for Supporting Realtime Mutual Authentication / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 10(5) : 161~170

[journal] 이영교 / 2005 / A Method for Detecting the Exposure of an OCSP Responder's Session Private Key in D-OCSP-KIS / 정보보호학회논문지 / 한국정보보호학회 15(4) : 83~92

[journal] 이호 / 2006 / A Study on CRL Distributing Method based on Group Key Agreement in D-OCSP / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 11(1) : 35~44

[book] Bogdan C. Popescu / 2003 / A Certificate Revocation Scheme for a Large-Scale Highly Replicated Distributed System / ISCC : 225~231

[journal] K. Papapanagiotou / 2006 / Performance evaluation of a distributed OCSP protocol over MANETs / in Proceedings of 3rd IEEE Consumer Communications and Networking Conference (CCNC'06) 1 : 1~5

[journal] Iliadis J / 2003 / Towards a framework for evaluating certificate status information mechanisms / Computer Communications 26(16) : 1839~1850

[book] R. Housley / 2002 / Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile / RFC