
Research on certificate revocation list mechanism based on intrusion tolerance
Cite this article: LYU Hongwei, XU Lei. Research on certificate revocation list mechanism based on intrusion tolerance[J]. Journal of Computer Applications, 2013, 33(1): 160-162. DOI: 10.3724/SP.J.1087.2013.00160
Authors: LYU Hongwei, XU Lei
Affiliation: College of Computer Science, Shenyang Aerospace University, Shenyang Liaoning 110136, China
Abstract: In Public Key Infrastructure (PKI) systems, the Certificate Authority (CA) signature is hard to forge, so intrusions against certificate revocation systems based on the Certificate Revocation List (CRL) usually aim to destroy system availability and data integrity. To address this characteristic, an intrusion-tolerant CRL service system was designed. The system stores the CRL on multiple redundant servers. For replicating and using data across these servers, it adopts a passive replication algorithm that selects the primary server at random and a simple voting algorithm that selects the most recently updated CRL. Under the intrusion conditions given in the experiment, the intrusion-tolerant CRL system achieved a certificate revocation query accuracy nearly 20% higher than the system without tolerance, at the cost of increased system overhead. The experimental results show that appropriately increasing the number of CRL servers improves the query accuracy of certificate revocation while keeping system overhead under control.
Keywords: intrusion tolerance; Certificate Revocation List (CRL); replication; voting; Over-Issued
Received: 2012-08-01
Revised: 2012-08-28
This article is indexed in CNKI and other databases.
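The voting step named in the abstract, selecting the most recently updated CRL among redundant servers, can be sketched as follows. This is an added illustration, not the paper's algorithm or code: the `crl_number` field, the function names, and the use of HMAC-SHA256 as an offline stand-in for the CA signature are all assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumption: HMAC-SHA256 with a fixed key stands in for the CA's public-key
# signature so the example runs offline; a real client verifies the CA signature.
CA_KEY = b"constructed-demo-ca-key"

@dataclass(frozen=True)
class SignedCRL:
    crl_number: int       # issue counter, higher means more recently updated
    revoked: frozenset    # revoked certificate serial numbers
    signature: bytes

def _digest(crl_number, revoked):
    body = f"{crl_number}|{','.join(map(str, sorted(revoked)))}".encode()
    return hmac.new(CA_KEY, body, hashlib.sha256).digest()

def ca_issue(crl_number, revoked):
    revoked = frozenset(revoked)
    return SignedCRL(crl_number, revoked, _digest(crl_number, revoked))

def is_authentic(crl):
    return hmac.compare_digest(crl.signature, _digest(crl.crl_number, crl.revoked))

def vote_latest(replies):
    """Return the authentic reply with the highest CRL number, or None."""
    valid = [r for r in replies if r is not None and is_authentic(r)]
    return max(valid, key=lambda r: r.crl_number, default=None)

def is_revoked(serial, replies):
    winner = vote_latest(replies)
    if winner is None:
        raise RuntimeError("no replica returned an authentic CRL")
    return serial in winner.revoked

# Constructed sample: four replicas, three of them damaged in different ways.
current = ca_issue(7, {1001, 1002, 1003})
stale = ca_issue(6, {1001, 1002})                              # older CRL still served
tampered = SignedCRL(9, frozenset({1001}), current.signature)  # edited, signature breaks
REPLIES = [stale, None, tampered, current]                     # None = server unavailable

if __name__ == "__main__":
    print("voted CRL number:", vote_latest(REPLIES).crl_number)
    print("serial 1003 revoked:", is_revoked(1003, REPLIES))
```

In this sketch, when no replica holding the current CRL answers, the vote falls back to the older authentic list and the query for serial 1003 is answered incorrectly, so accuracy depends on how many replicas survive.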