{"id":"https://openalex.org/W4407403516","doi":"https://doi.org/10.1109/msec.2025.3531232","title":"A Call to Reconsider Certification Authority Authorization","display_name":"A Call to Reconsider Certification Authority Authorization","publication_year":2025,"publication_date":"2025-02-12","ids":{"openalex":"https://openalex.org/W4407403516","doi":"https://doi.org/10.1109/msec.2025.3531232"},"language":"en","primary_location":{"id":"doi:10.1109/msec.2025.3531232","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msec.2025.3531232","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032624462","display_name":"Pouyan Fotouhi Tehrani","orcid":"https://orcid.org/0000-0002-3668-9335"},"institutions":[{"id":"https://openalex.org/I78650965","display_name":"Technische Universit\u00e4t Dresden","ror":"https://ror.org/042aqky30","country_code":"DE","type":"education","lineage":["https://openalex.org/I78650965"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Pouyan Fotouhi Tehrani","raw_affiliation_strings":["Distributed and Networked Systems, TUD Dresden University of Technology, Dresden, Germany","TUD Dresden University of Technology, Dresden, Germany"],"affiliations":[{"raw_affiliation_string":"Distributed and Networked Systems, TUD Dresden University of Technology, Dresden, Germany","institution_ids":["https://openalex.org/I78650965"]},{"raw_affiliation_string":"TUD Dresden University of Technology, Dresden, Germany","institution_ids":["https://openalex.org/I78650965"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031272687","display_name":"Raphael Hiesgen","orcid":"https://orcid.org/0000-0002-1676-8108"},"institutions":[{"id":"https://openalex.org/I159176309","display_name":"Universit\u00e4t Hamburg","ror":"https://ror.org/00g30e956","country_code":"DE","type":"education","lineage":["https://openalex.org/I159176309"]},{"id":"https://openalex.org/I70451448","display_name":"HAW Hamburg","ror":"https://ror.org/00fkqwx76","country_code":"DE","type":"education","lineage":["https://openalex.org/I70451448"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Raphael Hiesgen","raw_affiliation_strings":["Hamburg University of Applied Sciences, Hamburg, Germany"],"affiliations":[{"raw_affiliation_string":"Hamburg University of Applied Sciences, Hamburg, Germany","institution_ids":["https://openalex.org/I70451448","https://openalex.org/I159176309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027677424","display_name":"Thomas C. Schmidt","orcid":"https://orcid.org/0000-0002-0956-7885"},"institutions":[{"id":"https://openalex.org/I159176309","display_name":"Universit\u00e4t Hamburg","ror":"https://ror.org/00g30e956","country_code":"DE","type":"education","lineage":["https://openalex.org/I159176309"]},{"id":"https://openalex.org/I70451448","display_name":"HAW Hamburg","ror":"https://ror.org/00fkqwx76","country_code":"DE","type":"education","lineage":["https://openalex.org/I70451448"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Thomas C. Schmidt","raw_affiliation_strings":["Hamburg University of Applied Sciences, Hamburg, Germany"],"affiliations":[{"raw_affiliation_string":"Hamburg University of Applied Sciences, Hamburg, Germany","institution_ids":["https://openalex.org/I70451448","https://openalex.org/I159176309"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5039216100","display_name":"Matthias W\u00e4hlisch","orcid":"https://orcid.org/0000-0002-3825-2807"},"institutions":[{"id":"https://openalex.org/I78650965","display_name":"Technische Universit\u00e4t Dresden","ror":"https://ror.org/042aqky30","country_code":"DE","type":"education","lineage":["https://openalex.org/I78650965"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Matthias W\u00e4hlisch","raw_affiliation_strings":["TUD Dresden University of Technology, Dresden, Germany"],"affiliations":[{"raw_affiliation_string":"TUD Dresden University of Technology, Dresden, Germany","institution_ids":["https://openalex.org/I78650965"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5032624462"],"corresponding_institution_ids":["https://openalex.org/I78650965"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.03254327,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"24","issue":"1","first_page":"35","last_page":"43"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T14330","display_name":"Library Science and Information Systems","score":0.9832000136375427,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T14330","display_name":"Library Science and Information Systems","score":0.9832000136375427,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.7282356023788452},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.5677692890167236},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4423849880695343},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39227205514907837},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.28009822964668274},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.252432644367218},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.21640056371688843}],"concepts":[{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.7282356023788452},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.5677692890167236},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4423849880695343},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39227205514907837},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.28009822964668274},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.252432644367218},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.21640056371688843}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/msec.2025.3531232","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msec.2025.3531232","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2112074340","https://openalex.org/W2186028149","https://openalex.org/W2242951943","https://openalex.org/W2769047723","https://openalex.org/W2800412265","https://openalex.org/W2969424469","https://openalex.org/W3199841420","https://openalex.org/W4206147779","https://openalex.org/W4399852627","https://openalex.org/W4401323078"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2066052364","https://openalex.org/W4243365217","https://openalex.org/W2224296908","https://openalex.org/W2023743128","https://openalex.org/W3109981693","https://openalex.org/W2381980429","https://openalex.org/W2384206113","https://openalex.org/W645983410","https://openalex.org/W2808346476"],"abstract_inverted_index":{"Certification":[0],"Authority":[1],"Authentication":[2],"(CAA)":[3],"is":[4],"a":[5],"safeguard":[6],"against":[7],"illegitimate":[8],"certificate":[9,26],"issuance.":[10],"We":[11],"show":[12],"how":[13],"shortcomings":[14],"in":[15,24],"CAA":[16],"concepts":[17],"and":[18,32],"operational":[19],"aspects":[20],"undermine":[21],"its":[22],"effectiveness":[23],"preventing":[25],"misissuance.":[27],"Our":[28],"discussion":[29],"reveals":[30],"pitfalls":[31],"highlights":[33],"best":[34],"practices":[35],"when":[36],"designing":[37],"security":[38],"protocols":[39],"based":[40],"on":[41],"the":[42],"Domain":[43],"Name":[44],"System.":[45]},"counts_by_year":[],"updated_date":"2026-02-02T03:55:41.653505","created_date":"2025-10-10T00:00:00"}