ABSTRACT: Public Key Infrastructure (PKI) based on certificates is already widely used in a variety of fields to provide
security services. Accordingly, a Certification Authority (CA) that issues certificates must securely construct and manage its
Certification Authority System. It is very important for a CA to ensure that its service continues to operate properly
by preparing for any disaster caused by compromise of the CA's private key, whatever the cause.
In this paper, we provide definitions of PKI disaster recovery and PKI business continuity that are clearer and more specific
than before. We also present three requirements for a PKI model that prepares for a disaster. We then propose a PKI model
that ensures business continuity in the event of a disaster in which a CA key is exposed. It is easily applied to the existing
PKI structure. We stress that the PKI model proposed in this paper is the first to ensure both applicability to the existing
models and business continuity in the event of a disaster.