公钥基础设施:一个增强的验证框架

P. Danquah, Henoch Kwabena-Adade
{"title":"公钥基础设施:一个增强的验证框架","authors":"P. Danquah, Henoch Kwabena-Adade","doi":"10.4236/jis.2020.114016","DOIUrl":null,"url":null,"abstract":"Public Key Infrastructure (PKI) is a comprehensive information security framework for providing secure information and communication over the internet. Its need and use has grown over the years and continually grows. This research work examines the current PKI framework’s validation process as operated by vendors and subscribers to identify the drawbacks and propose enhanced approaches to its validation mechanism. Using an approach of reviewing secondary data, critical weaknesses of integrity, proof of trust and single point-of-failure were identified with the current PKI framework. This study therefore advances proposed solutions to address the identified weaknesses by specifically introducing multiple Certificate Authorities, storage, visibility and searchability of subscriber information in public repository. A comprehensive detail of its implementation is proposed to address the identified weaknesses of uncertain integrity, trust for certificate authorities and prevent a single point of failure. Furthermore, the proposed enhancements are validated with the protection motivation theory and a framework for empirically testing the enhancements is suggested. Further research would be required to factor in multi-factor authentication without compromising performance.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Public Key Infrastructure: An Enhanced Validation Framework\",\"authors\":\"P. Danquah, Henoch Kwabena-Adade\",\"doi\":\"10.4236/jis.2020.114016\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Public Key Infrastructure (PKI) is a comprehensive information security framework for providing secure information and communication over the internet. Its need and use has grown over the years and continually grows. This research work examines the current PKI framework’s validation process as operated by vendors and subscribers to identify the drawbacks and propose enhanced approaches to its validation mechanism. Using an approach of reviewing secondary data, critical weaknesses of integrity, proof of trust and single point-of-failure were identified with the current PKI framework. This study therefore advances proposed solutions to address the identified weaknesses by specifically introducing multiple Certificate Authorities, storage, visibility and searchability of subscriber information in public repository. A comprehensive detail of its implementation is proposed to address the identified weaknesses of uncertain integrity, trust for certificate authorities and prevent a single point of failure. Furthermore, the proposed enhancements are validated with the protection motivation theory and a framework for empirically testing the enhancements is suggested. Further research would be required to factor in multi-factor authentication without compromising performance.\",\"PeriodicalId\":57259,\"journal\":{\"name\":\"信息安全(英文)\",\"volume\":\"1 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"信息安全(英文)\",\"FirstCategoryId\":\"1093\",\"ListUrlMain\":\"https://doi.org/10.4236/jis.2020.114016\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"信息安全(英文)","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.4236/jis.2020.114016","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4

摘要

公开密码匙基础建设(PKI)是一个全面的资讯保安架构,可在互联网上提供安全的资讯和通讯。多年来,它的需求和使用一直在增长,而且还在不断增长。本研究工作检查了当前PKI框架的验证过程,由供应商和订阅者操作,以确定其缺陷并提出增强其验证机制的方法。使用审查辅助数据的方法,在当前的PKI框架中确定了完整性、信任证明和单点故障的关键弱点。因此,本研究提出了解决方案,通过在公共存储库中引入多个证书颁发机构、存储、可见性和可搜索性来解决已确定的弱点。提出了其实现的全面细节,以解决已确定的不确定完整性、对证书颁发机构的信任和防止单点故障的弱点。此外,利用保护动机理论对所提出的改进进行了验证,并提出了一个实证检验改进的框架。需要进一步的研究,在不影响性能的情况下考虑多因素身份验证。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Public Key Infrastructure: An Enhanced Validation Framework
Public Key Infrastructure (PKI) is a comprehensive information security framework for providing secure information and communication over the internet. Its need and use has grown over the years and continually grows. This research work examines the current PKI framework’s validation process as operated by vendors and subscribers to identify the drawbacks and propose enhanced approaches to its validation mechanism. Using an approach of reviewing secondary data, critical weaknesses of integrity, proof of trust and single point-of-failure were identified with the current PKI framework. This study therefore advances proposed solutions to address the identified weaknesses by specifically introducing multiple Certificate Authorities, storage, visibility and searchability of subscriber information in public repository. A comprehensive detail of its implementation is proposed to address the identified weaknesses of uncertain integrity, trust for certificate authorities and prevent a single point of failure. Furthermore, the proposed enhancements are validated with the protection motivation theory and a framework for empirically testing the enhancements is suggested. Further research would be required to factor in multi-factor authentication without compromising performance.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
211
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信