{"title":"An approach for evaluating trust in X.509 certificates","authors":"Zakia El Uahhabi, H. Bakkali","doi":"10.1109/ICITST.2016.7856696","DOIUrl":null,"url":null,"abstract":"Today, X.509 certificates is largely adopted for the identity verification of an entity. Such organizations and people use it to confirm their identities in online transaction. Then, it is necessary to verify the certificate trustworthiness in order to accept or reject it for a particular transaction. Besides, certificates are issued by the certificate authority based on the procedures which are described in a certificate policy. Any deficiency in these procedures may influence a certificate authority trustworthiness, which creates a trust lack in the certificates signed by this authority. In this context, relying parties need an automated mechanism to evaluate a trust level of certificate which come into question. In this paper, we grant them this mechanism to have information about its trustworthiness. In fact, we propose a trust framework architecture which is composed from the several components involved in the trust level calculation. Then, we suggest a trust level calculation algorithm which is based on three parameters that are the calculated CA trust level, the quality of procedures indicated in the certificate policy and the rating assigned to certification fields content. Our proposed solution allows relying parties to make a decision about certificate trustworthiness.","PeriodicalId":258740,"journal":{"name":"2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"445 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITST.2016.7856696","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Today, X.509 certificates is largely adopted for the identity verification of an entity. Such organizations and people use it to confirm their identities in online transaction. Then, it is necessary to verify the certificate trustworthiness in order to accept or reject it for a particular transaction. Besides, certificates are issued by the certificate authority based on the procedures which are described in a certificate policy. Any deficiency in these procedures may influence a certificate authority trustworthiness, which creates a trust lack in the certificates signed by this authority. In this context, relying parties need an automated mechanism to evaluate a trust level of certificate which come into question. In this paper, we grant them this mechanism to have information about its trustworthiness. In fact, we propose a trust framework architecture which is composed from the several components involved in the trust level calculation. Then, we suggest a trust level calculation algorithm which is based on three parameters that are the calculated CA trust level, the quality of procedures indicated in the certificate policy and the rating assigned to certification fields content. Our proposed solution allows relying parties to make a decision about certificate trustworthiness.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
