论文信息 - A reliable, scalable general-purpose certificate store

A reliable, scalable general-purpose certificate store

Although there have been various proposals to build large-scale PKIs, there appears to be no research publicly available on the underlying certificate store which will be required to support such a PKI. This paper analyses the requirements for, and presents the design of a general-purpose certificate store which places few constraints on the underlying computer hardware or operating system used, provides a high degree of scalability (from single end users up to the corporate/CA level), and provides the level of reliability, availability and error recovery required of such an application and stipulated in a number of standards which cover CA operation.

Peter Gutmann

[1] Roderic G. G. Cattell. The benchmark handbook for database and transaction processing systems , 1991 .

[2] Diane E. Coe,et al. Developing and Deploying Corporate Cryptographic Systems , 1995, USENIX Workshop on Electronic Commerce.

[3] W. Ford,et al. Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption , 2000 .

[4] Melanie J. Norton. Web security & commerce , 1998 .

[5] Philip A. Bernstein,et al. Principles of Transaction Processing for Systems Professionals , 1996 .

[6] Peter Gutmann,et al. The Design of a Cryptographic Security Architecture , 1999, USENIX Security Symposium.

[7] S. Garfinkel,et al. Web security & commerce , 1997 .

[8] Margo I. Seltzer,et al. Berkeley DB , 1999, USENIX Annual Technical Conference, FREENIX Track.

[9] Jennifer Widom,et al. Database System Implementation , 2000 .

[10] Peter Williams,et al. Digital Certificates: Applied Internet Security , 1998 .

[11] David D. Clark,et al. A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[12] Jim Gray,et al. Benchmark Handbook: For Database and Transaction Processing Systems , 1992 .

[13] Andreas Reuter,et al. Transaction Processing: Concepts and Techniques , 1992 .