Digital certificate management: Optimal pricing and CRL releasing strategies

Digital certificate management: Optimal pricing and CRL releasing strategies

0.00 Avg rating0 Votes
Article ID: iaor20141645
Volume: 58
Start Page Number: 74
End Page Number: 78
Publication Date: Feb 2014
Journal: Decision Support Systems
Authors: , ,
Keywords: optimization, computers: information, e-commerce, internet, security
Abstract:

The fast growth of e‐commerce and online activities places increasing needs for authentication and secure communication to enable information exchange and online transactions. The public key infrastructure (PKI) provides a promising foundation for meeting such demand, in which certificate authorities (CAs) provide digital certificates. In practice, it is critical to understand consumer purchasing and revocation behaviors so that CAs can better manage the digital certificates and its CRL releasing process. To address this problem, we analytically model a CA’s pricing and revocation releasing strategies taking into consideration the users' rational decisions. The model provides solutions two main research questions: (1) How should the CA price the digital certificates? The the price of the digital certificate should be determined by the expected losses of the user’s IT system, and the number of certificate revocations per period is expected to decrease over time during the lifecycle of the certificate. This result is supported by the empirical data from VeriSign. (2) How should the CA we further propose a dynamic CRL releasing policy that suggests that the optimal releasing intervals within the lifecycle of a certificate should increase over time.

Reviews

Required fields are marked *. Your email address will not be published.