An authentication technology such as Public Key Infrastructure (PKI) is used for a server authentication. However, it does not certificate a status of a server side security countermeasures, e.g., a configuration and operating condition of a Firewall (FW), a Virus Detection System (VDS) and an Intrusion Detection System (IDS). When a client machine com municates the server that is vulnerable to the attack, the server may affect the critical damage to the client machine. In this paper, we propose a Security Key Infrastructure (SKI) scheme that verifies the server side security countermeasures by linkage between an external and an internal audit. We consider requirements for designs of the SKI scheme, and implement communication modules between the server and the client machine. It is shown that the proposed SKI can achieve a quick response of the server and provide the certification of the security countermeasures to the client machine.
展开▼