Intranet security framework based on short-lived certificates

Abstract

This paper describes an intranet security framework based on public key cryptography. It uses short-lived certificates to avoid and eliminate costly and difficult key management issues in the typical X.509 authentication framework. Specifically, it loosens the tightly coupled relationship between the security components and the application. Operationally, the framework creates the tasks of entity registration and certification so that certificates can be efficiently and securely delivered to the client. The result is a scalable and cost-effective security solution for intranet applications.