Scalable and Efficient PKI for Inter-Organizational Communication

Arne Ansper, Ahto Buldas, Margus Freudenthal, Jan Willemson

We propose an efficient and flexible system for a secure and authentic data exchange in a multi institutional environment, where the institutions maintain different databases and provide secure and limited access services to employees of other institutions. The main motivation to build such a system was to organize efficient co-operative use of State Registers, in order to increase the efficiency and quality of public services in Estonia. In order to meet high security requirements, several contemporary measures are integrated (using digital signatures, distributing certificate information by means of DNS protocol and linking log files with cryptographic checksums). We give rationale for the design decisions made in the implementation process and conclude the presentation with the current state of public usage of the resulting infrastructure.

Keywords: PKI, database access control, inter-organizational communication

Read Paper Read Paper (in PDF)