A Survey and Security Strength Classification of PKI Certificate Revocation Management Implementations

Abstract

In this thesis, I define all currently operational, proposed, and theoretically possible methods of certificate revocation, The role of certificate revocation within the larger scheme of PKI is examined and the mandates upon Department of Defense from the Certification Practices Statement (CPS) and Certificate Policy (CP) are examined. A "best case" model for revocation is suggested. The security attributes affecting certificate revocation are examined; from these attributes a set of metrics are defined for the purpose of measuring the security-relevant strengths and weaknesses of all plausible methods of certificate revocation. Each method is examined and ranked according to security strength. Conclusions regarding certificate revocation use within Department of Defense are made and further study within the field is suggested.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 2003
Accession Number
ADA420552

Entities

People

  • John L. Macmichael Jr

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Authentication
  • Commerce
  • Computers
  • Cryptography
  • Denial Of Service Attack
  • Department Of Defense
  • Governments
  • Identification
  • Information Science
  • Load Monitoring
  • Mobile Devices
  • Mobile Phones
  • Operating Systems
  • Performance Tests
  • Security
  • Targets
  • United States

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Regression Analysis.