An increasing number of applications within an enterprise are provided over Hypertext Transfer Protocol (HTTP). Many of these applications provide secure communications between a client device and a hosted website. These applications include intranet portals, Webmail, front-office applications, back-office applications, and the like. Many of these applications may also be accessed from a branch office either through a Virtual Private Network (VPN) tunnel, directly over the public Internet, or the like. These applications may be available on a server device inside a head office, for example. The head office and branch office include networks of computing devices secured behind security perimeters, such as behind firewalls, or the like.
A traditional method of providing secure communications between the client device and the server device employs a web browser and a website to establish an encrypted session. Encrypted sessions may be implemented using a variety of secure communication protocols, including Secure Sockets Layer (SSL) protocol, Transport Layer Security (TLS) protocol, or the like. Managing such an encrypted session may be difficult at times, especially where the server device may not have information needed by the client device, the server device fails, or the server device otherwise needs to be replaced with a different server device.
Moreover, in systems where client validation is requested (e.g. in a two-way SSL connection in which both the client and server are validated), a heavy load may be placed on a server if it handles task traffic for the connection (e.g. content requests from the client) as well as performing authentication, authorization and accounting (AAA) tasks, including but not limited to client certificate authentication.