A Flexible Management Framework for Certificate Status Validation

Public key cryptography is widely recognized as the technology to develop and deploy authentication, sad integrity, confidentiality, and non-repudiation services. The services typical of public key cryptography requires a Public Key Infrastructure (PKI) in charge of securely managing keys/certificates for complex and large scale organizations. An essential PKI feature is the complete certificate status validation (CSV) system that combines effectively the publishing and the consistent usage of certificate status information for wide range of applications. Several CSV solutions, such as Certificate Revocation Lists or the Online Certificate Status Protocol, are available, but none can meet the requirements for all applications, in particular of timeliness and performance. The lack of a comprehensive CSV solution calls for the development of a flexible framework that integrates all available validation mechanisms depending on applications and that permits the selection of alternative validation strategies, depending on [Begin application Your requirements. Text Here] This paper describes this framework to ensure dynamic management of CSV mechanisms and to provide PKI users with automatic and transparent certificate status validation support. In addition, the paper claims that the framework implementation can benefit from the adoption of the Mobile Agent (MA) technology because of the properties of flexibility, dynamicity and transparency, by presenting an MA-based prototype for CSV