• DocumentCode
    3586244
  • Title

    Be Careful Who You Trust: Issues with the Public Key Infrastructure

  • Author

    Black, Paul ; Layton, Robert

  • Author_Institution
    Internet Commerce Security Lab., Federation Univ., Mt Helen, VIC, Australia
  • fYear
    2014
  • Firstpage
    12
  • Lastpage
    21
  • Abstract
    The modern digital internet economy and billions of dollars of trade are made possible by the internet security which is provided by operating system and web browser developers. This paper provides a survey of how this security is implemented through the use of digital certificates and the Public Key Infrastructure. Documented cases of the abuse of these digital certificates are given. It is shown that these problems arise from a combination of commercial pressures and a failure of the designers of internet security to consider the fundamental security principal of least privilege. Measures which are used to mitigate these problems are noted and new PKI architectural components which are designed to correct existing problems are examined.
  • Keywords
    Internet; public key cryptography; Internet security; PKI architectural components; Web browser developers; digital Internet economy; digital certificates; operating system developers; public key infrastructure; Browsers; Encryption; Internet; Operating systems; Public key; X.509; digitial certificate; least privilege; web browser;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cybercrime and Trustworthy Computing Conference (CTC), 2014 Fifth
  • Print_ISBN
    978-1-4799-8824-2
  • Type

    conf

  • DOI
    10.1109/CTC.2014.8
  • Filename
    7087323
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3586244