Countermeasures to Vulnerability of Certificate Application in u-City

City facilities have been fused with IT technology as ubiquitous computing technology is propagated. The spaces of u-City are various kinds and they may become home, office, market & store, park & green zone, school & campus, hospital, government & public offices, transportation, etc. The u-City activities which are done in the space are various kinds and can become the government administration, the national defense security, the education, the medical service & health, the financing, the transportation, the wholesale & retail trade, etc. Information security threats as the antisocial, the immoral, the cyber-crime throughout the various information media are increased in the reversed side of the ubiquitous society which is on its way and u-City which is built and has been widespread. It is necessary to establish and apply the countermeasure in the process to build IT service u-City. It is very important to manage the key safely in order to provide the security services which are the confidentiality, the authentication, the repudiation and so on in the space of u-City. As the activities in the space of u-City are very various kinds, it needs the combined key management system to provide the proper security service to them. We can predict to be made frequent use the PKI-based key management system which a certificate is used in. This paper studies the vulnerability cases of certificate application in the real world, proposes countermeasures to the cases which satisfy the security requirements of certificate application and which can be applied in u-City.