ETRI-Knowledge Sharing Platform


Delegation of TLS Authentication to CDNs using Revocable Delegated Credentials
Cited 0 times in Scopus
Authors
Daegeun Yoon, Taejoong Chung, Yongdae Kim
Issue Date
2023-12
Citation
Annual Computer Security Applications Conference (ACSAC) 2023, pp.1-11
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1145/3627106.3627144
Abstract
When using a Content Delivery Network (CDN), domain owners typically delegate Transport Layer Security (TLS) authentication to the CDN by sharing their TLS certificate’s private key. However, this practice not only delegates TLS authentication but also grants the CDN complete control over the certificate. To mitigate these concerns, Delegated Credential (DC) was proposed as a solution; DC, which contains both the CDN’s public key and the domain owner’s signature, allows the domain owners to delegate their own credentials for TLS authentication, thereby avoiding the need to share their private keys. However, the absence of a mechanism to distribute the revocation status of a DC renders it non-revocable, even when a compromise of a credential has been detected. DCs were thus designed to be short-lived, necessitating frequent renewal for continued use.
KSP Keywords
Content delivery network (CDN), public key, transport layer security, continued use, private key, short-lived