Security and Privacy in Communication Networks. 5th International ICST Conference, SecureComm 2009, Athens, Greece, September 14-18, 2009, Revised Selected Papers

Research Article

Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources

Download132 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-05284-2_20,
        author={Thanassis Tiropanis and Tassos Dimitriou},
        title={Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources},
        proceedings={Security and Privacy in Communication Networks. 5th International ICST Conference, SecureComm 2009, Athens, Greece, September 14-18, 2009, Revised Selected Papers},
        proceedings_a={SECURECOMM},
        year={2012},
        month={5},
        keywords={Identity Based Cryptography Integrity Authenticity Web 2.0},
        doi={10.1007/978-3-642-05284-2_20}
    }
    
  • Thanassis Tiropanis
    Tassos Dimitriou
    Year: 2012
    Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-642-05284-2_20
Thanassis Tiropanis1,*, Tassos Dimitriou2,*
  • 1: University of Southampton
  • 2: Athens Information Technology
*Contact email: tt2@ecs.soton.ac.uk, tdim@ait.edu.gr

Abstract

As the amount of information resources on the Web keeps increasing so are the concerns for information integrity, confidentiality and authenticity. In Web 2.0 users are producers as well as consumers of content and metadata, which makes guaranteeing the authenticity and integrity of information critical. The scale of the Web requires that any proposals in this direction require minimal (if any) infrastructural or administrative changes. This paper proposes the use of ID-based cryptography (IBC) to address requirements for integrity and authenticity of Web resources using either the URL/URI of a resource or the DNS name part of if. This approach presents certain challenges, which are discussed along with the pros and cons of different designs and implementations.