| | | | |
|

Depender Graphs: A method of Fault-Tolerant Certificate Distribution
by Dr. Patrick Lincoln, Jonathan K. Millen & Rebecca N. Wright.
Abstract
We consider scalable certificate revocation in a public-key infrastructure (PKI). We introduce depender graphs, a new class of graphs that support efficient and fault tolerant revocation. Nodes of a depender graph are participants that agree to forward revocation information to other participants. Our depender graphs are k-redundant, so that revocations are provably guaranteed to be received by all non-failed participants even if up to k - 1 participants have failed. We present a protocol for constructing k redundant depender graphs that has two desirable properties. First, it is load-balanced, in that no participant need have too many dependers. Second, it is localized, in that it avoids the need for any participant to maintain the global state of the depender graph. We also give a localized protocol for restructuring the graph in the event of permanent failures.
Files
|
|
|