Failure points in the PKI architecture

Radomir I. Prodanović; Ivan B. Vulić

doi:10.5937/vojtehg65-11144

Failure points in the PKI architecture

Radomir I. Prodanović Serbian Armed Forces, Department for Telecommunications and Informatics (J-6) SAF GS,Centre for Applied Mathematics and Electronics
Ivan B. Vulić Ministry of Defence, Military Intelligence Agency

DOI: https://doi.org/10.5937/vojtehg65-11144

Keywords: smart cards, cryptography, HSM, PKI, security, failure, Architecture,

Abstract

Over the last 20 years, the PKI architecture has found its vast application, especially in the fields which require the establishment of a security infrastructure. Given that the purpose of this architecture is to be used for achieving higher security standards, its smooth operation has to be one of the main requirements for its implementation. Its complexity is mirrored in the numerous implementations that the PKI has had so far. For all the reasons mentioned above, it is of great importance to consider potential failure points of such a structure. Due to the complexity of these structures, this paper will present only a basic review of such stress points, without providing details on specific applications and types of implementations. The significance of failure points will be explained by examining the common features of the PKI architectures and the occurrence of failure points in these structures, and where possible, an overview of suggestions for preventing such failures will be provided.

References

Adams, C., & Lloyd, S., 2003. Understanding PKI: Concepts, standards, and deployment considerations. Addison-Wesley Professional, pp.11-15.

Chokani, S., Ford, W., Sabett, R., Merrill, C., & Wu, S., 2003. Internet X. 509 Public Key Infrastructur Certificate Policy and Certification Practices Framework, RFC 3647.

Moses, T., 2003. PKI trust models. Draft. Available at: http://automedicbilling.com/CalculateSavings/PKI_Trust_models.pdf. Accessed: 17 May2016.

Ramović, R., 2005. Pouzdanost sistema elektronskih, telekomunikacionih i informacionih (in Serbian). Beograd: Katedra za mikroelektroniku i tehničku fiziku.

Schneier, B., 1996. Applied Cryptography. John Wiley & Sons.

Souza, T.C.S., Martina, J.E., & Custodio, R.F., 2007. Audit and backup procedures for Hardware Security Modules, White paper.

Published

2017/06/29

Issue

Vol. 65 No. 3 (2017): July – September

Section

Professional Papers

Proposed Creative Commons Copyright Notices

Proposed Policy for Military Technical Courier (Journals That Offer Open Access)

Authors who publish with this journal agree to the following terms:
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).