A Flexible Management Framework for Certificate Status Validation [chapter]

Antonio Corradi, Rebecca Montanari, Cesare Stefanelli, Diana Berbecaru, Antonio Lioy, Fabio Maino
2000 IFIP Advances in Information and Communication Technology  
Public key cryptography is widely recognised as the technology to develop effective authentication, integrity, confidentiality and non-repudiation services. The provision of public key-based security services for complex and large scale organisations requires a Public Key Infrastructure (PKI) in charge of securely managing cryptographic keys/certificates. An essential PKI service is the certificate status validation (CSV) system that supports the publishing and the consistent usage of
more » ... e status information for wide range of applications. Several CSV solutions, such as Certificate Revocation Lists or the On-line Certificate Status Protocol, are available, but none can meet the requirements for all applications, in particular of timeliness and performance. The lack of a comprehensive CSV solution calls for the development of a flexible framework that can integrate all available validation mechanisms and permit the selection of alternative validation strategies, depending on application requirements. The paper describes this framework that provides PKI users with a flexible, dynamic and transparent CSV support. In addition, the paper claims that the framework flexibility, dynamicity arid transparency can greatly benefit from the adoption of the Mobile Agent (MA) technology because it exhibits the same intrinsic features, by presenting an MA-based prototype for CSV.
doi:10.1007/978-0-387-35515-3_49 fatcat:ukic2l55ibcxbgomvjrb6ml6hu