To main content

On the Certificate Revocation Problem in the Maritime Sector

Abstract

Maritime shipping is currently undergoing rapid digitalization, but with increasing exposure to cyber threats, there is a need to improve the security of the ship communication technology used during operations across international waters, as well as close to local shores and in ports. To this aid, there are ongoing standardization efforts for an international maritime Public Key Infrastructure, but the inherent properties of limited connectivity and bandwidth make certificate revocation a problematic affair compared to traditional Internet systems. The main contribution of this paper is an analysis of certificate revocation techniques based on how they fulfil fundamental maritime requirements and simulated usage over time. Our results identify CRLs (with Delta CRLs) and CRLite as the two most promising candidates. Finally, we outline the pros and cons with these two different solutions.

Category

Academic article

Client

  • Research Council of Norway (RCN) / 295969

Language

English

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security

Year

2021

Published in

Lecture Notes in Computer Science (LNCS)

ISSN

0302-9743

Publisher

Springer

Page(s)

142 - 157

View this publication at Cristin