Trust Enhancement Scheme for Cross Domain Authentication of PKI System

Title: Trust Enhancement Scheme for Cross Domain Authentication of PKI System
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Chen, Yuxiang; Dong, Guishan; Bai, Jian; Hao, Yao; Li, Feng; Peng, Haiyang
Conference Name: 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)
Keywords: authentication, authorisation, blockchain, blockchain consensus, certificate revocation list, CRL, cross-domain, cross-domain authentication, Distributed databases, E-Government, e-government applications, Human Behavior, Metrics, multiple PKI systems, PKI (Public Key Infrastructure), PKI management domains, PKI Trust Models, pubcrawl, public key cryptography, public key infrastructure, Resiliency, Scalability, traditional trusted third party, Trust delivery, trust enhancement scheme, Trusted Computing, unified trust service problem
Abstract: Public Key Infrastructure (PKI) has been popularized in many scenarios such as e-government applications, enterprises, etc. Due to the construction of PKI systems in various regions and departments, many isolated PKI management domains have formed, and cross-domain authentication has become a problem that cannot be ignored. It has some traditional solutions such as cross-authentication, trust lists, etc. However, some issues still exist, which hinder the popularity of unified trust services. For example, there is a lack of a unified cross-domain standard, and the update period of the Certificate Revocation List (CRL) is too long, which affects the security of cross-domain authentication. In this paper, we proposed a trust transferring model by using blockchain consensus instead of a traditional trusted third party for e-government applications. We exploit how to solve the unified trust service problem of PKI at the national level through consensus and transfer some CA management functions to the blockchain. And we prove the scheme's feasibility from an engineering perspective. Besides, the scheme has enough scalability to satisfy the trust transfer requirements of multiple PKI systems. Meanwhile, the security and efficiency are also guaranteed compared with traditional solutions.
DOI: 10.1109/CyberC.2019.00026
Citation Key: chen_trust_2019