Title:
|
On the self-similarity nature of the revocation data
|
Author:
|
Gañán, Carlos; Mata Diaz, Jorge; Muñoz Tapia, José Luis; Esparza Martín, Óscar; Alins Delgado, Juan José
|
Other authors:
|
Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica; Universitat Politècnica de Catalunya. SERTEL - Serveis Telemàtics |
Abstract:
|
One of the hardest tasks of a Public Key Infrastructure (PKI) is to manage revocation. Different revocation mechanisms have been proposed to invalidate the credentials of compromised or misbe-
having users. All these mechanisms aim to optimize the transmission of
revocation data to avoid unnecessary network overhead. To that end,
they establish release policies bas
ed on the assumption that the revoca-
tion data follows uniform or Poisson distribution. Temporal distribution
of the revocation data has a significant influence on the performance and
scalability of the revocation service. In this paper, we demonstrate that
the temporal distribution of the daily number of revoked certificates is
statistically self-similar, and that the currently assumed Poisson distribu-
tion does not capture the statistical properties of the distribution. None
of the commonly used revocation models takes into account this fractal
behavior, though such behavior has serious implications for the design,
control, and analysis of revocation protocols such as CRL or delta-CRL. |
Abstract:
|
Peer Reviewed |
Subject(s):
|
-Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica::Criptografia -Computer security -Data encryption (Computer science) -Certification -Public Key Infrastructure -Revocation -Self-similarity -Seguretat informàtica -Xifratge (Informàtica) |
Rights:
|
Attribution-NonCommercial-NoDerivs 3.0 Spain
http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
Document type:
|
Article - Published version Conference Object |
Published by:
|
Springer
|
Share:
|
|