{"title":"CD-BCM:Cross-Domain Batch Certificates Management Based On Blockchain","authors":"Shixiong Yao, Pei Li, Jing Chen, Yuexing Zeng, Jiageng Chen, Donghui Wang","doi":"10.1093/comjnl/bxad025","DOIUrl":null,"url":null,"abstract":"Abstract With the development of information networks, the entities from different network domains interact with each other more and more frequently. Therefore, identity management and authentication are essential in cross-domain setting. The traditional Public Key Infrastructure (PKI) architecture has some problems, including single point of failure, inefficient certificate revocation status management and also lack of privacy protection, which cannot meet the demand of cross-domain identity authentication. Blockchain is suitable for multi-participant collaboration in multi-trust domain scenarios. In this paper, a cross-domain certificate management scheme CD-BCM based on the consortium blockchain is proposed. For the issue of Certificate Authority’s single point of failure, we design a multi-signature algorithm. In addition, we propose a unified structure for batch certificates verification and conversion, which improve the efficiency of erroneous certificate identification. Finally, by comparing with current related schemes, our scheme achieves good functionality and scalability in the scenario of cross-domain certificate management.","PeriodicalId":50641,"journal":{"name":"Computer Journal","volume":"66 1","pages":"0"},"PeriodicalIF":1.5000,"publicationDate":"2023-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1093/comjnl/bxad025","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
Abstract With the development of information networks, the entities from different network domains interact with each other more and more frequently. Therefore, identity management and authentication are essential in cross-domain setting. The traditional Public Key Infrastructure (PKI) architecture has some problems, including single point of failure, inefficient certificate revocation status management and also lack of privacy protection, which cannot meet the demand of cross-domain identity authentication. Blockchain is suitable for multi-participant collaboration in multi-trust domain scenarios. In this paper, a cross-domain certificate management scheme CD-BCM based on the consortium blockchain is proposed. For the issue of Certificate Authority’s single point of failure, we design a multi-signature algorithm. In addition, we propose a unified structure for batch certificates verification and conversion, which improve the efficiency of erroneous certificate identification. Finally, by comparing with current related schemes, our scheme achieves good functionality and scalability in the scenario of cross-domain certificate management.
期刊介绍:
The Computer Journal is one of the longest-established journals serving all branches of the academic computer science community. It is currently published in four sections.