3rd ACIS Int. Conf. on Software Engineering, Artificial Intelligence Networking and Parallel/Distributed Computing (SNPD’02), pp. 157-163, Junio, 2002. More..
Abstract
Interaction of organizations and their clients by using the Internet can produce meaningful benefits in the accessibility, efficiency and availability of documents, regardless of time and location. However, some types of problems hinder a higher degree of communication. This paper presents some of the results of a Research Project that focuses on the influence of typical open networks risks in electronic interactions and on the need of creating software tools to manage electronic versions of the paper-based forms, as this is the traditional way of interaction through the Web.
IEEE International Workshop on Electronic Government (in DEXA’00), IEEE Press, pp. 362-365, 2000.
11th International Conference on Database and Expert Systems Applications (DEXA’00), LNCS 1873, Springer, pp. 929-938, September, 2000. More..
Abstract
Public-key cryptography is fast becoming the foundation for those applications that require security and authentication in open networks. But the widespread use of a global public-key cryptosystem requires that public-key certificates are always available and up-to-date. Problems associated to digital certificates management, like storage, retrieval, maintenance, and, specially, revocation, require special procedures that ensure reliable features because of the critical significance of inaccuracies. Most of the existing systems use a Certificate Revocation List, a repository of certificates that have been revoked before their expiration date. The need to access CRLs in order to check certificate revocations becomes a performance handicap. Furthermore, they introduce a source of vulnerability in the whole security infrastructure, as it is impossible to produce a new CRL each time a revocation takes place. This paper introduces an alternative for the storage of digital certificates that avoids the use of CRLs. The system is designed to provide a distributed management of digital certificates by using Certification Authorities that, while being part of a whole Public-Key Infrastructure, operate over local certificates databases. Communication protocols between local databases have been designed to minimize network traffic without a lack of security and efficiency.