Publication Type

Journal Article

Version

acceptedVersion

Publication Date

2-2014

Abstract

The fast growth of e-commerce and online activities places increasing needs for authentication and secure communication to enable information exchange and online transactions. The public key infrastructure (PKI) provides a promising foundation for meeting such demand, in which certificate authorities (CAs) provide digital certificates. In practice, it is critical to understand consumer purchasing and revocation behaviors so that CAs can better manage the digital certificates and its CRL releasing process. To address this problem, we analytically model a CA's pricing and revocation releasing strategies taking into consideration the users' rational decisions. The model provides solutions two main research questions: (1) How should the CA price the digital certificates? The the price of the digital certificate should be determined by the expected losses of the user's IT system, and the number of certificate revocations per period is expected to decrease over time during the lifecycle of the certificate. This result is supported by the empirical data from VeriSign. (2) How should the CA we further propose a dynamic CRL releasing policy that suggests that the optimal releasing intervals within the lifecycle of a certificate should increase over time.

Keywords

Security management, Key Infrastructure (PKI), Certificate Authority (CA), Certificate Revocation List (CRL), Dynamic programming algorithm

Discipline

Databases and Information Systems | Theory and Algorithms

Research Areas

Information Systems and Management

Publication

Decision Support Systems

Volume

58

First Page

74

Last Page

78

ISSN

0167-9236

Identifier

10.1016/j.dss.2012.12.043

Publisher

Elsevier

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1016/j.dss.2012.12.043

Download

Share

COinS