To main content

On the Certificate Revocation Problem in the Maritime Sector

On the Certificate Revocation Problem in the Maritime Sector

Category
Academic article
Abstract
Maritime shipping is currently undergoing rapid digitalization, but with increasing exposure to cyber threats, there is a need to improve the security of the ship communication technology used during operations across international waters, as well as close to local shores and in ports. To this aid, there are ongoing standardization efforts for an international maritime Public Key Infrastructure, but the inherent properties of limited connectivity and bandwidth make certificate revocation a problematic affair compared to traditional Internet systems. The main contribution of this paper is an analysis of certificate revocation techniques based on how they fulfil fundamental maritime requirements and simulated usage over time. Our results identify CRLs (with Delta CRLs) and CRLite as the two most promising candidates. Finally, we outline the pros and cons with these two different solutions.
Client
  • Research Council of Norway (RCN) / 295969
Language
English
Affiliation
  • SINTEF Digital / Software Engineering, Safety and Security
  • Norwegian University of Science and Technology
Year
Published in
Lecture Notes in Computer Science (LNCS)
ISSN
0302-9743
Publisher
Springer
Page(s)
142 - 157