Trust assessment of X.509 certificate based on certificate authority trustworthiness and its certificate policy
by Zakia El Uahhabi; Hanan El Bakkali
International Journal of Internet Technology and Secured Transactions (IJITST), Vol. 8, No. 1, 2018

Abstract: Nowadays, X.509 certificate is largely used to prove its holder identity in open networks. Then, the relying party (RP) needs an automated mechanism for evaluating its trustworthiness in order to decide whether to accept it or not. In this context, we provide him with this mechanism allowing him to decide if he should trust in a received certificate or not. In our previous work, we have proposed an architecture for calculating a certificate trust level. Using a defined algorithm, this level is computed depending on three parameters: the calculated trust level of certificate authority (CA), the certificate policy quality, and the rating of the certificate fields. In this paper, we improve the algorithm used to calculate a CA trust level on the basis of trust level of the CAs that had issued certificates for it and their extension fields. By this way, the calculated trust level reflects a real trustworthiness of certificate because it is computed on the basis of the real factors influencing this trustworthiness. It is then more relevant for a relying party when deciding whether to accept a received certificate or not.

Online publication date: Mon, 04-Jun-2018

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

 
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Internet Technology and Secured Transactions (IJITST):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?


Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email subs@inderscience.com