{"title":"面向manet的OCSP方案的缓存替代方案","authors":"G. Marias, K. Papapanagiotou, P. Georgiadis","doi":"10.1109/SECCMW.2005.1588315","DOIUrl":null,"url":null,"abstract":"Even though mobile ad hoc networks (MANETs) have been receiving increasing attention for more than a decade, many issues still remain unsolved, including the implementation and design of adequate security and trust mechanisms. The infrastructure-less nature of MANETs renders trust establishment a rather complex issue. Many solutions using public key cryptography and digital certificates have been proposed in this direction. However, the problem of certificate revocation and certificate status information distribution in MANETs has not yet been fully addressed. ADOPT (Ad-hoc Distributed OCSP for Trust) proposes the deployment of a lightweight, distributed, on-demand scheme based on cached OCSP responses, which can efficiently provide up-to-date certificate status information. As accurate and current revocation information is critical for any application based on public key certificates, ADOPT's caching mechanism should ensure that cached responses are updated regularly. This paper discusses caching issues and time parameters concerning ADOPT and proposes various alternatives that fit into different scenarios.","PeriodicalId":382662,"journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Caching alternatives for a MANET-oriented OCSP scheme\",\"authors\":\"G. Marias, K. Papapanagiotou, P. Georgiadis\",\"doi\":\"10.1109/SECCMW.2005.1588315\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Even though mobile ad hoc networks (MANETs) have been receiving increasing attention for more than a decade, many issues still remain unsolved, including the implementation and design of adequate security and trust mechanisms. The infrastructure-less nature of MANETs renders trust establishment a rather complex issue. Many solutions using public key cryptography and digital certificates have been proposed in this direction. However, the problem of certificate revocation and certificate status information distribution in MANETs has not yet been fully addressed. ADOPT (Ad-hoc Distributed OCSP for Trust) proposes the deployment of a lightweight, distributed, on-demand scheme based on cached OCSP responses, which can efficiently provide up-to-date certificate status information. As accurate and current revocation information is critical for any application based on public key certificates, ADOPT's caching mechanism should ensure that cached responses are updated regularly. This paper discusses caching issues and time parameters concerning ADOPT and proposes various alternatives that fit into different scenarios.\",\"PeriodicalId\":382662,\"journal\":{\"name\":\"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.\",\"volume\":\"29 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-09-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECCMW.2005.1588315\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECCMW.2005.1588315","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 10
摘要
尽管十多年来移动自组织网络(manet)受到越来越多的关注,但许多问题仍然没有得到解决,包括适当的安全和信任机制的实施和设计。manet的无基础设施特性使得信任建立成为一个相当复杂的问题。在这个方向上,已经提出了许多使用公钥加密和数字证书的解决方案。然而,证书撤销和证书状态信息分发问题在MANETs中尚未得到充分解决。采用(Ad-hoc Distributed OCSP for Trust)提出了一种基于缓存OCSP响应的轻量级、分布式、按需方案的部署,该方案可以有效地提供最新的证书状态信息。由于准确和最新的撤销信息对于任何基于公钥证书的应用程序都是至关重要的,因此ADOPT的缓存机制应该确保定期更新缓存的响应。本文讨论了有关ADOPT的缓存问题和时间参数,并提出了适合不同场景的各种替代方案。
Caching alternatives for a MANET-oriented OCSP scheme
Even though mobile ad hoc networks (MANETs) have been receiving increasing attention for more than a decade, many issues still remain unsolved, including the implementation and design of adequate security and trust mechanisms. The infrastructure-less nature of MANETs renders trust establishment a rather complex issue. Many solutions using public key cryptography and digital certificates have been proposed in this direction. However, the problem of certificate revocation and certificate status information distribution in MANETs has not yet been fully addressed. ADOPT (Ad-hoc Distributed OCSP for Trust) proposes the deployment of a lightweight, distributed, on-demand scheme based on cached OCSP responses, which can efficiently provide up-to-date certificate status information. As accurate and current revocation information is critical for any application based on public key certificates, ADOPT's caching mechanism should ensure that cached responses are updated regularly. This paper discusses caching issues and time parameters concerning ADOPT and proposes various alternatives that fit into different scenarios.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
