Public key infrastructure (PKI) interoperability : a security services approach to support transfer to trust

Loading...
Thumbnail Image
Authors
Hansen, Anthony P.
Subjects
Advisors
Michael, James Bret
Date of Issue
1999-09
Date
September, 1999
Publisher
Monterey, California: Naval Postgraduate School
Language
en_US
Abstract
Public key infrastructure (PKI) technology is at a primitive stage characterized by deployment of PKIs that are engineered to support the provision of security services within individual enterprises, and are not able to support the vendor-neutral interoperability necessary for large, heterogeneous organizations such as the United States Federal government. Current efforts to realize interoperability focus on technical compatibility between PKIs. This thesis defines interoperability as the capacity to support trust through retention of security services across PKI domains at a defined level of assurance and examines the elements of PKI interoperability using this more comprehensive approach. The initial sections discuss the security services PKIs support, the cryptography PKIs employ, the certificate/key management functions PKIs perform, and the architectural elements PKIs require. This provides the framework necessary for discussing interoperability. Next, the two fundamental aspects of interoperability, technical and functional, are presented as well as their constituent elements and the existing barriers to interoperability. Finally, the proposed U.S. Department of Defense and Federal government PKI architectures are analyzed and recommendations made to facilitate interoperability.
Type
Thesis
Description
Series/Report No
Department
Systems Engineering (SE)
Identifiers
NPS Report Number
Sponsors
Funder
Format
xiv, 152 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
Collections