Calculating and Evaluating Trustworthiness of Certification Authority

Zakia EL UAHHABI, Hanan EL BAKKALI

Abstract


In  a  public  key  infrastructure  trust  model,  a  trust  is transferred along a set of certificates, issued by certificate authorities (CAs) considered  as  trustfully  third  parties,  providing  a  trust chain among  its  entities.  In  order  to  deserve  this trustworthiness,  a  CA should to apply the rigorous procedures for generating keys, checking the  identities,  and  following  reliable  security  practices.  Any deficiency in  these procedures  may influence its trustworthiness.  In this  context,  some  authorities  could  be  weaker  than  others.  Then, relying parties (RPs) and certificate holders (CHs) need a mechanism to evaluate CA trustworthiness. In this paper, we provide them this mechanism to have information about its trustworthiness. In fact, we propose  a  trust  level  calculation  algorithm  that  is  based  on  three parameters  which  are  the  CA  reputation,  the  quality  of  procedures described in the certificate policy and its security maturity level.

Full Text: PDF

Refbacks

  • There are currently no refbacks.


International Journal of Communication Networks and Information Security (IJCNIS)          ISSN: 2076-0930 (Print)           ISSN: 2073-607X (Online)