World Scientific
Skip main navigation

Cookies Notification

We use cookies on this site to enhance your user experience. By continuing to browse the site, you consent to the use of our cookies. Learn More
×

System Upgrade on Tue, May 28th, 2024 at 2am (EDT)

Existing users will be able to log into the site and access content. However, E-commerce and registration of new users may not be available for up to 12 hours.
For online purchase, please visit us again. Contact us at customercare@wspc.com for any enquiries.

A Secure Two-Tier Domain Verification and Certificate Validation Integrating Intermediate Certificate Authorities and Secure Certificate Box

    https://doi.org/10.1142/S0218126623501037Cited by:1 (Source: Crossref)

    Digital certificates play a key role in the public key infrastructure (PKI). They are mainly used to secure communication between a browser and a webserver to keep the transmitted data safe from interception. Digital certificates are issued by certificate authorities (CAs). Numerous CAs serve as root CAs around the world. Moreover, root CAs can delegate intermediate CAs (ICAs). Any CA can issue a certificate for any entity on the internet world. However, it will be difficult for an end user to identify which authorities are trustworthy and genuine. In addition, adversaries can quickly induce fraudulent certificates due to a lack of rigorous background checks for domain possession at the time of certificate issuance. Our work is primarily oriented towards incorporating the domain validation and certificate validity check from the client side as an additional security fortification. This is in addition to a novel associative approach for domain validation using ICAs. This paper presents a novel two-tier system for domain validation of servers. The system operates at two levels. At the first level, an associative validation of the domains by making use of multiple ICAs is employed. A set of CAs validates domain ownership before issuing the certificate to prevent false issuance of the certificate. In addition to this, during the initiation of the client–server connection, the client itself validates the certificate to make sure that the certificate received securely from any webserver is a genuine one.

    This paper was recommended by Regional Editor Takuro Sato.