As is known, a secure communication system includes a plurality of end-users (sometimes referred to as "clients"), and at least one processor for each of a server/manager, an officer, and an administrator. The administrator is affiliated with the end-users, or clients, and processes, signs, and/or encrypts certificates for such end-users. For example, the administration processor processes the adding, deleting, updating, and preparing status reports of end-users' signature public key pairs and encryption public key pairs. As a further example, when an end-user leaves the secured communication system, the administrator, via an administration processor, disables the end-user's signature and deletes the encryption public key certificate from a directory. The directory lists the public key certificates for each end-user within the secured communication system. When an end-user is added to the secured communication system, the administrator, via the administration processor, supplies a request to the server that is requesting the server enable the new end-user for certificate management. When an end-user has lost access to his or her private key history, the administrator, via the administration processor, requests that the server recover the end-user's key.
In the secure communication system, the administration processor, the officer processor, and server are located within a single computing unit. Thus, any requests received by the server from the administration processor can readily be authenticated because they are both part of the same machine. Similarly, when the officer initiates policy changes, the policy changes can be securely conveyed to the administration processor and the server, again because they are in the same machine. While this works well in many applications, as secure communication systems grow in number of end-users and locales, the task of managing the administration processor and the officer processor exceeds the realistic capabilities of the single administrator/officer/server computing device. Thus, without developing a new secured communications system architecture that eliminates the single administrator/officer/server computing device, secured communication system growth is limited.
Therefore, a need exists for a method and apparatus for processing administration of a secure community, or communications system, that allows for expansion of the number of end-users and their locales.