A New Trust Model for PKI Interoperability

摘要

The rapid deployment of the Internet over the last fifteen years has witnessed the birth of a number of serious security issues. In the case of e-commerce and e-government, security issues are of great concern due to the need for a high level of confidentiality in the information that is exchanged between business and governmental bodies as well as a high level of confidence or trust that in the processes of exchange. One approach to guaranteeing security in these cases is the public encryption key infrastructure or PKI. Basically, a PKI provides a structure of trust among its users or principals. PKI has become the object of international attention and much has been done to realize national and international standards for PKI, for example X.509. There are, however, serious PKI implementation issues as different countries and different organizations may adopt different security policies and implementations. This raises the question of interoperability between these various implementations, especially in such a way as to create a global trust domain. In this paper, the authors propose a new construct, a ring configuration of specialized Certification Authorities (CA’s) called "Gateway Certification Authorities (GWCA’s)," as a solution to the general PKI interoperability problem.