A compliance-based ranking of certificate authorities using probabilistic approaches
| المؤلف | Junaid, Kashif |
| المؤلف | Janjua, Muhammad Umar |
| المؤلف | Qadir, Junaid |
| تاريخ الإتاحة | 2025-07-08T03:58:10Z |
| تاريخ النشر | 2024 |
| اسم المنشور | International Journal of Information Security |
| المصدر | Scopus |
| المعرّف | http://dx.doi.org/10.1007/s10207-024-00867-3 |
| الرقم المعياري الدولي للكتاب | 16155262 |
| الملخص | The security of the global Certification Authority (CA) system has recently been compromised as a result of attacks on the Public Key Infrastructure (PKI). Although the CA/Browser (CA/B) Forum publishes compliance requirements for CAs, there are no guarantees that even a commercially successful CA is complying with these recommendations. In this paper, we propose the first systematic CA ranking mechanism that ranks CAs in terms of their adherence to the CA/B Forum and X.509 certificate standards. Unfortunately, there is no consolidated and widely accepted parameter to rank the CAs so we have proposed formula-based rating models and introduced different ranking techniques like Direct, Bayesian, and MarkovChain Ranking. These rankings are applied to a comprehensive dataset of X.509 trust chains gathered during the time period of 2020 to 2023. Our proposed ranking scheme can serve as a criterion for both consumers and enterprises for selecting and prioritizing CAs based on performance as well as adherence to the certificate standards. |
| اللغة | en |
| الناشر | Springer Science and Business Media Deutschland GmbH |
| الموضوع | CA/B Forum Certificate authority Ranking Web PKI X.509 Certificates |
| النوع | Article |
| الصفحات | 2881-2910 |
| رقم العدد | 4 |
| رقم المجلد | 23 |
الملفات في هذه التسجيلة
هذه التسجيلة تظهر في المجموعات التالية
-
علوم وهندسة الحاسب [2484 items ]