- Title
- Be careful who you trust: Issues with the public key infrastructure
- Creator
- Black, Paul; Layton, Robert
- Type
- Text; Conference paper
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/161676
- Identifier
- vital:12516
- Identifier
-
https://doi.org/10.1109/CTC.2014.8
- Identifier
- ISBN:978-1-4799-8824-2
- Abstract
- The modern digital internet economy and billions of dollars of trade are made possible by the internet security which is provided by operating system and web browser developers. This paper provides a survey of how this security is implemented through the use of digital certificates and the Public Key Infrastructure. Documented cases of the abuse of these digital certificates are given. It is shown that these problems arise from a combination of commercial pressures and a failure of the designers of internet security to consider the fundamental security principal of least privilege. Measures which are used to mitigate these problems are noted and new PKI architectural components which are designed to correct existing problems are examined.
- Publisher
- IEEE
- Relation
- 5th Cybercrime and Trustworthy Computing Conference, CTC 2014, Auckland, 24-25th November, 2014 published in Cybercrime and Trustworthy Computing Conference (CTC) p. 12-21
- Rights
- Copyright IEEE
- Rights
- This metadata is freely available under a CCO license
- Subject
- Internet; Browsers; Public key; Encryption; Operating systems
- Reviewed
- Hits: 752
- Visitors: 712
- Downloads: 0
Thumbnail | File | Description | Size | Format |
---|