APPLICATION OF ELECTRONIC SIGNATURES IN TRANSFERRING THE INFORMATION ABOUT SPACE
|
|
- Pamela Edwards
- 8 years ago
- Views:
Transcription
1 APPLICATION OF ELECTRONIC SIGNATURES IN TRANSFERRING THE INFORMATION ABOUT SPACE Agnieszka Gryszczyńska Faculty of Law Cardinal Stefan Wyszyński University tel , Introduction The purpose of this work is to analyse the possibility of using electronic signature in transferring information about space. There will be presented the essence of electronic signature, legal framework established for electronic signature in international law and Polish regulation referring to electronic signature. There will be discussed civil legal consequences of putting signature and possibility of coding and verification with the aid of electronic signature. Due to many functions of electronic signatures, they may be used at different stages of data processing. 1. Functions of electronic signature The main functions of electronic signature may be: Signatures for Identification, serve to prove possessing private key. Signatures and certificates serve only to authenticate the system and identify the person trying to get access (e.g. to server or database). Identification is based on signing the random data sent by server demanding verification for signature and verification the electronic signature put in that way 34. Signatures for Authentication, are put automatically be devices. Signatures for declaration of knowledge, this signature serves to confirm reading or receiving a document Declaration of will Signatures as declaration of will, prove making declaration of will. Confirmation of originality enables to distinguish the original from a copy. Confirmation of integrity ensures detection of changes in signed data. Confirmation of learning about data confirms sending or receiving data 2. Legal base for electronic signature 2.1. Regulation of electronic signature under the model law UNCITRAL UNCITRAL, United Nations Commission on International Trade Law, in 1996 passed a model law on electronic trade, which defines rules of using modern means of communication and gathering information 35. The model law indicates international character of electronic trade. The most important feature of this act is legal acknowledgement of transferring data in electronic form (EDI - Electronic Data Interchange) Art. 7 of the model law regulates electronic signature. Regulation in art. 7 of the model law proved to be insufficient, so UNCITRAL directed the working group to prepare a detailed project on electronic signature. The model law on electronic signatures was passed in The text of the act is accompanied with comments, which aim at ensuring appropriate implementation of the law into domestic law Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures The need for unifying the law regulating trade and electronic signature also acknowledged the European Union. The legal framework for functioning of electronic signature introduces the Directive of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic 34 R. Podpłoński, P. Popis, Podpis elektroniczny, Komentarz, Warszawa 2004, p UNCITRAL Model Law on Electronic Signatures with Guide to Enantment 2001, New York 2002, 131
2 signatures 37. It harmonizes the law of the European Union countries regulating using electronic signature in civil law transactions, establishes legal framework for electronic signatures and some certification services, which is aimed at ensuring good functioning of internal market and using electronic signatures in legal transactions. Its purpose is to make using electronic signature easier and promoting its legal acknowledgment. In this act there are contained legal conditions for electronic signature and defined certification services. The Directive express the rule of technologic neutrality, electronic signatures are not only those based on public key infrastructure (PKI), but they may also be signatures created on the basis of other technologies, provided that they meet legally defined conditions. According to a definition, electronic signature means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication. Electronic signature cannot be denied legal effectiveness and admissibility on the ground that it is in electronic form, or not based upon a qualified certificate, or not based upon a qualified certificate issued by an accreditied certification-service-provider, or not created by a secure signature-creation device. To ensure confidence and security of electronic commerce, Directive define also advanced electronic signature, which means an electronic signature which meets following requirements: It is uniquely linked to the signatory, It is capable of identifying the signatory, It is created using means that the signatory can mantain under his sole control, It is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable. The Directive was implemented in all state members of the European Union 38, which enables functioning unified system of electronic signatures Electronic signature act of September 18, 2001 Passing the electronic signature law was forced by necessity for adjusting Polish law to the law of the European Union, especially to the Directive of European Parliament and Council 1999/93/WE of December 13, The principal effect of the electronic signature act is making some changes in the civil code and modification art. 60 and 78 of the civil code, which regulate declaration of will and form of legal acts. Passing the electronic signature act was without doubt a very important step in adjusting Polish law to demands of electronic transactions. 3. The essence of electronic signature 3.1. Electronic signature According to article 3 pt 1 of Polish act, an electronic signature are data in electronic form, which together with other data, to which they were attached or with which are logically linked, serve to identify the person putting electronic signature. The term data in electronic form should be understood as every possible representation of information, prepared, stored or sent in electronic form. The act doesn t limit the definition of data in electronic form to data in digital form, that is the form, in which the information is stored or sent in binary form (sequence of zeros and ones). The binary form isn t used for example in data recorded on a video or tape-recorder cassette 39. Therefore, electronic signature is every possible electronic identification of individuals. Wide definition of electronic signature allows to state, that an revealing the sender s data is also an electronic signature O.J. L 013, The legal and market aspects of electronic signatures, Legal and market aspects of the application of Directive 1999/93/EC and practical applications of electronic signatures in the Member States, the EEC, the Candidate and the Accession countries, Study for the European Commission DG Iformation Society, Katholieke Universiteit Leuven, september2003, 39 J. Jacyszyn, J. Przetoki, A. Wittlin, S. Zakrzewski, Podpis elektroniczny, Komentarz do ustawy z 18 września 2001, Warszawa 2002, p R. Podpłoński, P. Popis,..., p
3 3.2. Safe electronic signature Article 3 pt 2 of the act introduces into legal transactions safe electronic signature. This term means an electronic signature which: is matched exclusively to the person putting this signature; is put with the aid of, subjected to the exclusive control of the person putting the signature, safe devices used for putting electronic signature and data used for putting electronic signature and is connected with the data, to which it was attached in the way, that any later changes in these data are recognisable. Putting this signature requires an active participation of the person putting this signature this person must have some attributes (e.g. biometric features while verifying the signature with the aid of iris, specific knowledge giving code or password, specific objects e.g. devices for putting electronic signature). In addition, the signature is in a specific way connected with the data, which ensures integrity of the signed data and certainty, that any later changes will be recognised. Electronic signature is put with the aid of data used for putting electronic signature. Every user can have some data of this kind, thanks to which may put different electronic signatures. Form of signature depends on signed data and data used for putting signature. Safe signature should be put with the aid of devices exclusively controlled by the person putting this signature and data serving to put the signature. According to Polish law, a device for putting signature is hardware and software configured in the way that allows to put electronic signature or certificate with the use of data serving to put electronic signature or certification. 4. Civil law effects of using electronic signature Electronic signature acts in the article 8 introduces a rule, that validity and effectiveness of electronic signature can t be refused only because it is in electronic form or data used for signature verification don t have qualified certificate or haven t been put with the aid of a safe device serving for putting electronic signature. The content of article 8 is based on article 5 pt 2 of the Directive and article 9 of the electronic trade model act from 1996 and article 9 of the directive 2000/31/EC regulating some electronic trade issues. 41 Additionally, the electronic signature act supplemented the article 60 of Polish civil code with the statement, that the will of the subject declaring his will may also be expressed by revealing this will in an electronic way 42. Electronic declaration of will a declaration made with use of information technology, may be expressed by any behaviour of a person, intending to create defined legal effects, taking into account accompanying circumstances, rules of equity and established customs 43. The electronic signature act creates legal conditions for using electronic signature in legal transactions as equal to handmade signature. According to article 5 of the act safe electronic signature verified with qualified certificate creates legal effects defined by law if it is put during validity of this certificate. Data in electronic form with safe signature verified with the aid of valid qualified certificate are legally equal to documents with handmade signatures, except as otherwise stated by law. 5. Coding and verification of data signed with electronic signature. Safety of using electronic signature is based on making it impossible to unauthorized use this signature on behalf of another person. 41 W. J. Kocot, Charakter prawny podpisu elektronicznego, PPH, nr 4/2002, p Borowicz K., Ustawa o podpisie elektronicznym. Komentarz, Bielsko-Biała 2002, Butkiewicz M., Wpływ ustawy o podpisie elektronicznym na formę czynności prawnych, Przegląd Prawa Handlowego 2003/4 p. 30, Drozdowicz M., (Nie)bezpieczny podpis elektroniczny, PPH 2003/1/27, Jacyszyn J., Przetocki J. (red.), Wittlin A., Zakrzewski S., Podpis elektroniczny. Komentarz do ustawy z 18 września 2001 r., Warszawa 2002, Kocot W.J., Charakter prawny podpisu elektronicznego, PPH 2002/4/36; Radwański Z., Elektroniczna forma czynności prawnej, M.Prawn. 2001/22/1107; Szostek D, Podpis elektroniczny - problemy cywilnoprawne, PPH 2002/1/41, Wejman F, Wprowadzenie do cywilistycznej problematyki ustawy o podpisie elektronicznym, Pr.Bankowe 2002/2/37, 43 E. Wyrozumska, Elektroniczne oświadczenie woli w ustawie o podpisie elektronicznym i po nowelizacji kodeksu cywilnego, PPH nr 8/2003, p
4 The safety is realized in three fields: cryptographic (using special coding algorithms), technical (generating cryptographic keys in appropriate conditions and then storing the private key in correct way) and legal (criminal law regulation). At present the method guarantying appropriate safety of creating electronic signatures is based on asymmetric cryptography. Contrary to this method is symmetric cryptography, which uses only one key secret key. In asymmetric cryptography two keys are used. Algorithm is based on using in coding a very big prime, from which may be derived another very big prime. With the aid of the first number the message is coded, with the aid of the other, even though it s different from the firs one, the information may be decoded. One of first implementations of this techniques was a system based on RSA algorithm. The algorithm is based on existence of mathematical functions, which can be easily processed in one way, but it s hard to put it back. The fastness of coding with use of RSA algorithm is affected by length of document. Problem of long signatures was solved by application one-way abbreviation function, thanks to which instead of document, hash value created on the basis of this document is signed. As a result of abbreviation function, document extract is created transforming the content of document into sequence of bits, which doesn t reveal the document content. 44 Hashing ensures uniqueness of abbreviation of message and it is not possible to create two different documents with the same control values. In this way is created so called short electronic signature, which is attached to the original document sent in a public or coded form. Procedure of signing a document with an electronic signature based on asymmetric cryptography with use of abbreviation function, proceeds in the following way. 1. For document X is calculated value h(x), where h is an established hashing function. Hashing function generates one value on the basis of the whole file content. It s not possible to regenerate the file content on the basis of hashing function. 2.Value h(x) is coded by a sender with the aid of private key (electronic signature is put) 3. The sender sends the recipient a file with a document and a document abbreviation value signed with a private key (certificate or qualified certificate should also be attached in order to verify the sender s identity). If the sender would like to keep the sent data secret, may use coding the whole text with the aid of session key. The key used to code the document is coded by the sender with the recipient public key so that the recipient can decode the document. In this case only the recipient may decode the session key using his private key, with which he then decodes the document. 4. After receiving signed document abbreviation, the addressee calculates with the aid of computer the document abbreviation value, which he received. Then he checks if the abbreviation function value received from the sender is equal to function value calculated on the basis of the document. Summary Due to various functions fulfilled by electronic signatures, these signatures may be used at different stages of data processing in spatial information system. Signatures may serve to authenticate in the system the person trying achieve access to server or database, confirm the data integrity or declare the will and knowledge. At international level the basis for using electronic signature was defined in the model acts UNCITRAL and in the European Union law creating legal framework for electronic signature. In Poland electronic signature is regulated by the act of September 18, The term electronic signature is extremely broad, has got general character and means result of using with electronic message a technology, which allows to attribute to this message some features of handmade signature. In Polish law two legally defined electronic signatures may be defined: it s a electronic signature (common) and a safe electronic signature. Additional specific functions has got the safe electronic signature verifying with the aid of the valid qualified certificate. There are many types of electronic signatures. They are described on the basis of many different criteria: e.g. used method, purpose or characteristic of the 44 J. Jacyszyn, S. Zakrzewski, Podpis elektroniczny jako element systemu zabezpieczenia danych w sieci, Rejent, nr 10, X. 2001, p
5 signature. Safety of using electronic signature is based on making it impossible to unauthorized use this signature on behalf of another person. The safety is realized in three fields: cryptographic, technical and legal. An important role in guarantying safety of transactions play also subjects providing certification services, whose task is to verify the people using advanced electronic signatures. Bibliography 1. Borowicz K., Ustawa o podpisie elektronicznym. Komentarz, Bielsko-Biała 2002, 2. Buonomo G., Processo telematico e firma digitale, Milano Butkiewicz M., Wpływ ustawy o podpisie elektronicznym na formę czynności prawnych, Przegląd Prawa Handlowego 2003/4 4. Drozdowicz M., (Nie)bezpieczny podpis elektroniczny, PPH 2003/1/27, 5. Finocchiario G., Firma digitale e firme elettroniche, Milano Gaweł J., Świerczyński M., Wprowadzenie do projektu ustawy modelowej UNCITRAL o podpisach elektronicznych i projekt ustawy modelowej, Kwartalnik Prawa Prywatnego 2001/1 7. Jacyszyn J., Podpis elektroniczny w praktyce notarialnej, Rejent 2003/12 str Jacyszyn, J. Przetoki, A. Wittlin, S. Zakrzewski, Podpis elektroniczny, Komentarz do ustawy z 18 września 2001, Warszawa Jacyszyn, S. Zakrzewski, Podpis elektroniczny jako element systemu zabezpieczenia danych w sieci, Rejent, nr 10, X Kocot W.J., Charakter prawny podpisu elektronicznego, PPH 2002/4/36; 11. Kocot W.J., Elektroniczna forma oświadczeń woli, PPH nr 3/2001, 12. Kocot W.J., Wpływ Internetu na prawo umów, Warszawa Marucha M., Nowa ustawa o podpisie elektronicznym, Monitor Prawniczy 2002/2 Radwański Z., Elektroniczna forma czynności prawnej, M.Prawn. 2001/22/1107; 14. Podpłoński R.,. Popis P, Podpis elektroniczny, Komentarz, Warszawa Prawo Internetu, red. P.Podrecki, Warszawa Rzymowski, M. Kamiński, Podpis elektroniczny, Komentarz, Łódź Szostek D, Podpis elektroniczny - problemy cywilnoprawne, PPH 2002/1/41, 18. Szostek D. Elektroniczna data pewna, PPH 2003/3/19, 19. Szostek D., Dyrektywa Parlamentu Europejskiego i Rady Europy w sprawie podpisu elektronicznego, Rejent, nr 12 (128), Wejman F, Wprowadzenie do cywilistycznej problematyki ustawy o podpisie elektronicznym, Pr.Bankowe 2002/2/37, 21. Wyrozumska E., Elektroniczne oświadczenie woli w ustawie o podpisie elektronicznym i po nowelizacji kodeksu cywilnego, PPH 2003/8/45 135
ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION
ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION This can be a complex subject and the following text offers a brief introduction to Electronic Signatures, followed by more background on the Register of
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationSSLPost Electronic Document Signing
SSLPost Electronic Document Signing Overview What is a Qualifying Advanced Electronic Signature (QAES)? A Qualifying Advanced Electronic Signature, is a specific type of digital electronic signature, that
More informationProtection Profiles for TSP cryptographic modules Part 1: Overview
Date: 2015-08 prts 419221-1:2015 Protection Profiles for TSP cryptographic modules Part 1: Overview Document type: Technical Specification Document language: E Contents Introduction...3 1 Scope...4 2 References...4
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationLAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE
LAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE Prom. SG. 34/6 Apr 2001, amend. SG. 112/29 Dec 2001, amend. SG. 30/11 Apr 2006, amend. SG. 34/25 Apr 2006, amend. SG. 38/11 May 2007, amend. SG.
More informationUNCITRAL United Nations Commission on International Trade Law Introduction to the law of electronic signatures
Introduction to the law of electronic signatures Luca Castellani Head, Regional Centre for Asia and the Pacific UNCITRAL Secretariat Incheon, Republic of Korea Outline 1. Methods and technologies for electronic
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationAdvanced Authentication
White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is
More informationPARLIAMENT OF THE DEMOCRATIC SOCIALIST REPUBLIC OF SRI LANKA
PARLIAMENT OF THE DEMOCRATIC SOCIALIST REPUBLIC OF SRI LANKA ELECTRONIC TRANSACTIONS ACT, No. 19 OF 2006 [Certified on 19th May, 2006] Printed on the Order of Government Published as a Supplement to Part
More informationEricsson Group Certificate Value Statement - 2013
COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...
More informationTHE ELECTRONIC SIGNATURE - TECHNICAL AND LEGAL IMPLICATIONS
Bulletin of the Transilvania University of Braşov Series VII: Social Sciences Law Vol. 7 (56) No. 2-2014 THE ELECTRONIC SIGNATURE - TECHNICAL AND LEGAL IMPLICATIONS Adrian Constantin MANEA 1 Abstract:
More informationAn Act to provide for the facilitation of the use of electronic transactions and signatures and for related matters.
Electronic Transactions and Electronic Signatures Act Act No. [ ] of [ ] An Act to provide for the facilitation of the use of electronic transactions and signatures and for related matters. ENACTED by
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationELECTRONIC COMMERCE OBJECTIVE QUESTIONS
MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module
More informationIn accordance with article 11 of the Law on Electronic Signature (Official Gazette of the Republic of Serbia No. 135/04), REGULATION
In accordance with article 11 of the Law on Electronic Signature (Official Gazette of the Republic of Serbia No. 135/04), the Minister of Telecommunications and Information Society hereby promulgates REGULATION
More informationMerchants and Trade - Act No 28/2001 on electronic signatures
This is an official translation. The original Icelandic text published in the Law Gazette is the authoritative text. Merchants and Trade - Act No 28/2001 on electronic signatures Chapter I Objectives and
More informationLAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE. Chapter two. ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE
LAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE Prom. SG. 34/6 Apr 2001, amend. SG. 112/29 Dec 2001, amend. SG. 30/11 Apr 2006, amend. SG. 34/25 Apr 2006, amend. SG. 38/11 May 2007 Chapter one.
More informationElectronic and Digital Signatures
Summary The advent of e-government and e-services has changed the way state agencies and local government offices do business. As a result, electronic systems and processes have become as important as
More information5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES
5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 141 PURPOSE (CT-IM-112; 07-30-2010) (Office of Origin: IRM/OPS/ITI/SI/IIB) The purpose of this FAM chapter is to enable the Department to
More informationE-Signatures. Chris Reed. Professor of Electronic Commerce Law
E-Signatures Chris Reed Professor of Electronic Commerce Law Centre for Commercial Law Studies, Queen Mary University of London Of counsel, Lawrence Graham Agenda Rethinking the concept of signature e-signature
More informationOB10 - Digital Signing and Verification
Global Headquarters 90 Fetter Lane London EC4A 1EN Tel: +44 (0) 870 165 7410 Fax: +44 (0) 207 240 2696 OB10 - Digital Signing and Verification www.ob10.com Version 2.4 March 2013 Summary In order to comply
More information2002 No. 318 ELECTRONIC COMMUNICATIONS. The Electronic Signatures Regulations 2002
STATUTORY INSTRUMENTS 2002 No. 318 ELECTRONIC COMMUNICATIONS The Electronic Signatures Regulations 2002 Made - - - - - 13th February 2002 Laid before Parliament 14th February 2002 Coming into force - -
More informationReview of methods for secret sharing in cloud computing
Review of methods for secret sharing in cloud computing Dnyaneshwar Supe Amit Srivastav Dr. Rajesh S. Prasad Abstract:- Cloud computing provides various IT services. Many companies especially those who
More informationMathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
More information24-7 Electronic Signature White Paper
24-7 Electronic Signature White Paper 24-7 Electronic Signature White Paper The following document describes 24-7 Box s interpretation of the current UK legislation relating to validity of electronic signatures
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationArchived NIST Technical Series Publication
Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated
More informationFighting product clones through digital signatures
Paul Curtis, Katrin Berkenkopf Embedded Experts Team, SEGGER Microcontroller Fighting product clones through digital signatures Product piracy and forgery are growing problems that not only decrease turnover
More informationGuidelines Related To Electronic Communication And Use Of Secure E-mail Central Information Management Unit Office of the Prime Minister
Guidelines Related To Electronic Communication And Use Of Secure E-mail Central Information Management Unit Office of the Prime Minister Central Information Management Unit Office of the Prime Minister
More informationCSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity
CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationElectronic Commerce ELECTRONIC COMMERCE ACT 2001. Act. No. 2001-07 Commencement LN. 2001/013 22.3.2001 Assent 14.3.2001
ELECTRONIC COMMERCE ACT 2001 Principal Act Act. No. Commencement LN. 2001/013 22.3.2001 Assent 14.3.2001 Amending enactments Relevant current provisions Commencement date 2001/018 Corrigendum 22.3.2001
More informationThe Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems
The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems
More informationGOVERNMENT OF THE REPUBLIC OF SLOVENIA CENTRE FOR INFORMATICS ELECTRONIC COMMERCE AND ELECTRONIC SIGNATURE ACT
GOVERNMENT OF THE REPUBLIC OF SLOVENIA CENTRE FOR INFORMATICS ELECTRONIC COMMERCE AND ELECTRONIC SIGNATURE ACT LJUBLJANA, JUNE 2000 INTRODUCTION Marin Siliÿ The Act of the electronic commerce and electronic
More informationModule 1: e- Learning
Module 1: e- Learning SECTION 1: OVERVIEW... 2 PRIMER ON INFORMATION TECHNOLOGY, IS INFRASTRUCTURE AND EMERGING TECHNOLOGIES (12%) E-LEARNING... 2 Objective Objective:... 2 Task Statements... 2 Knowledge
More informationThe Mathematics of the RSA Public-Key Cryptosystem
The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More informationETSI TS 102 640-3 V1.1.1 (2008-10) Technical Specification
TS 102 640-3 V1.1.1 (2008-10) Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Architecture, Formats and Policies; Part 3: Information Security
More informationREGISTRATION AUTHORITY (RA) POLICY. Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A.
REGISTRATION AUTHORITY (RA) POLICY Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. INDEX Contenido 1. LEGAL FRAMEWORK... 4 1.1. Legal Base...
More informationThe role of Certification Authorities between Key Escrow and comply with secrecy of...
Page 1 of 8 14th BILETA Conference: CYBERSPACE 1999: Crime, Criminal Justice and the Internet. Monday, March 29th & Tuesday, March 30th, 1999. College of Ripon & York St. John, York, England. Securing
More informationState of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008
State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008 Background In the last ten years Arkansas has enacted several laws to facilitate electronic transactions
More informationImplementation of biometrics, issues to be solved
ICAO 9th Symposium and Exhibition on MRTDs, Biometrics and Border Security, 22-24 October 2013 Implementation of biometrics, issues to be solved Eugenijus Liubenka, Chairman of the Frontiers / False Documents
More information4. Laying of orders and regulations before Houses of Oireachtas.
Number 27 of 2000 ELECTRONIC COMMERCE ACT, 2000 ARRANGEMENT OF SECTIONS PART 1 Preliminary and General Section 1. Short title and commencement. 2. Interpretation. 3. Regulations. 4. Laying of orders and
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationLaw Governing Framework Conditions for Electronic Signatures and Amending Other Regulations
Law Governing Framework Conditions for Electronic Signatures and Amending Other Regulations inofficial version for industry consultation for official German text please refer to the Official Journal (Bundesgesetzblatt
More informationThe Statute of Frauds in the Digital Age - Maintaining the Integrity of Signatures
E LAW The Statute of Frauds in the Digital Age - Maintaining the Integrity of Signa... Page 1 of 18 E Law Search Subscribe Issue Subject Author Title Murdoch E LAW Murdoch University Electronic Journal
More informationHow To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationARCHIVED PUBLICATION
ARCHIVED PUBLICATION The attached publication, FIPS Publication 186-3 (dated June 2009), was superseded on July 19, 2013 and is provided here only for historical purposes. For the most current revision
More informationSoftware Tool for Implementing RSA Algorithm
Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key
More informationA KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL
A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL Wangjian, Xu Guoai, Zhangmiao National Engineering Laboratory for Disaster Backup and Recovery, Beijing University
More informationECE 646 - Lecture 1. Security Services. Need for information security. widespread use of data processing equipment: computer security
ECE 646 - Lecture 1 Security Services Need for information security widespread use of data processing equipment: computer security widespread use of computer networks and distributed computing systems:
More informationController of Certification Authorities of Mauritius
Contents Pg. Introduction 2 Public key Infrastructure Basics 2 What is Public Key Infrastructure (PKI)? 2 What are Digital Signatures? 3 Salient features of the Electronic Transactions Act 2000 (as amended)
More informationDigital Signatures and Interoperability
Setting Processes for Electronic Signature Dr. Joachim Schiff On behalf of the SPES Consortium Workgroup City of Saarbruecken IKS Nell-Breuning-Allee 1 D-66115 Saarbruecken Germany Tel. 0049 681 905 5000
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationBusiness Issues in the implementation of Digital signatures
Business Issues in the implementation of Digital signatures Much has been said about e-commerce, the growth of e-business and its advantages. The statistics are overwhelming and the advantages are so enormous
More informationA Digital Signature Scheme in Web-based Negotiation Support System
A Digital Signature Scheme in Web-based Negotiation Support System Yuxuan Meng 1 and Bo Meng 2 1 Department of Computer Science, University of Saskatchewan, Saskatoon, Saskatchewan, S7N 5C9, Canada yxmeng68@yahoo.ca
More informationArkansas Department of Information Systems Arkansas Department of Finance and Administration
Arkansas Department of Information Systems Arkansas Department of Finance and Administration Title: Electronic Signature Standard Document Number: SS 70 011 Effective Date: Act 722 of 2007 requires state
More informationETSI TS 101 456 V1.4.3 (2007-05)
TS 101 456 V1.4.3 (2007-05) Technical Specification Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing qualified certificates 2 TS 101 456 V1.4.3
More informationE-commerce Revision. Typical e-business Architecture. Routing and Addressing. E-Commerce Web Sites. Infrastructure- Packets, Routing and Addressing
E-Commerce Web Sites E-commerce Revision Companies create Web sites for very different reasons: simple proof-of concept sites Intranets (internal information) information-only sites for customers business-to-business
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationELECTRONIC SIGNATURES FACTSHEET
ELECTRONIC SIGNATURES FACTSHEET Electronic signatures mean that you can exchange information with others electronically and securely safe in the knowledge that everyone is who they claim to be and that
More informationDanske Bank Group Certificate Policy
Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...
More informationBill. Electronic Signatures 1)
Translation Note: The text has been amended in section 5(2) and is therefore identical to the final text of Act No. 417 of 31 May 2000. Only the Danish version of the text has legal validity. Bill No.
More informationNational Certification Authority Framework in Sri Lanka
National Certification Authority Framework in Sri Lanka By Rohana Palliyaguru Manager Operations & Principal Information Security Engineer What is digital Signature? According to UNCITRAL Text 25. Digital
More informationTHE ELECTRONIC SIGNATURE. ITS VALORIZATION AS A EVIDENTIARY MEANS IN NATIONAL OR INTERNATIONAL PENDING CASES JUDGED IN COURTS
THE ELECTRONIC SIGNATURE. ITS VALORIZATION AS A EVIDENTIARY MEANS IN NATIONAL OR INTERNATIONAL PENDING CASES JUDGED IN COURTS Abstract. George Măgureanu 1 In the European Union states, there is a variety
More informationGuidelines for the use of electronic signature
Republic of Albania National Authority for Electronic Certification Guidelines for the use of electronic signature Guide Nr. 001 September 2011 Version 1.3 Guidelines for the use of electronic signature
More informationDigital Signature Standard (DSS)
FIPS PUB 186-4 FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION Digital Signature Standard (DSS) CATEGORY: COMPUTER SECURITY SUBCATEGORY: CRYPTOGRAPHY Information Technology Laboratory National Institute
More informationThe Virginia Electronic Notarization Assurance Standard
The Virginia Electronic Notarization Assurance Standard Published by Secretary of the Commonwealth Richmond, Virginia January 1, 01 Version 1.0 Table of Contents Scope and Intent... 1 Definitions... Article
More informationUnderstanding and Integrating KODAK Picture Authentication Cameras
Understanding and Integrating KODAK Picture Authentication Cameras Introduction Anyone familiar with imaging software such as ADOBE PHOTOSHOP can appreciate how easy it is manipulate digital still images.
More informationUnderstanding digital certificates
Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk
More informationThe Legal Classification of Identity-Based Signatures
The Legal Classification of Identity-Based Signatures Christoph Sorge University of Paderborn 33098 Paderborn, Germany christoph.sorge@uni-paderborn.de Abstract Identity-based cryptography has attracted
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationCryptography and Key Management Basics
Cryptography and Key Management Basics Erik Zenner Technical University Denmark (DTU) Institute for Mathematics e.zenner@mat.dtu.dk DTU, Oct. 23, 2007 Erik Zenner (DTU-MAT) Cryptography and Key Management
More informationPkBox Technical Overview. Ver. 1.0.7
PkBox Technical Overview Ver. 1.0.7 14 September 2015 All the information in this document is and can t be used entirely or in part without a written permission from Intesi Group S.p.A. Le informazioni
More informationTrustis FPS PKI Glossary of Terms
Trustis FPS PKI Glossary of Terms The following terminology shall have the definitions as given below: Activation Data Asymmetric Cryptosystem Authentication Certificate Certificate Authority (CA) Certificate
More informationREPUBLIC OF LITHUANIA. LAW ON ELECTRONIC SIGNATURE
REPUBLIC OF LITHUANIA. LAW ON ELECTRONIC SIGNATURE CHAPTER I. GENERAL PROVISIONS... 1 ARTICLE 1. Purpose of the Law... 1 ARTICLE 2. Basic Definitions of this Law... 2 CHAPTER II. SIGNATURE CREATION, VERIFICATION,
More informationEUROPEAN PARLIAMENT AND COUNCIL DIRECTIVE. on a common framework for electronic signatures
COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 29.04.1999 COM(1999) 195 fmal 98/0191(COD) Amended proposal for a EUROPEAN PARLIAMENT AND COUNCIL DIRECTIVE on a common framework for electronic signatures
More informationRisk Reduction for Electronic Signing of Large Value Business Obligations. Michał Tabor
Risk Reduction for Electronic Signing of Large Value Business Obligations Michał Tabor Trusted Information Consulting Warsaw, 10 October 2013 Project BIO-PKI Biometric techniques and PKI in identity documents
More informationETSI TS 102 640-3 V2.1.1 (2010-01) Technical Specification
TS 102 640-3 V2.1.1 (2010-01) Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 3: Information Security Policy Requirements for REM Management
More informationACT. of 15 March 2002
215 ACT of 15 March 2002 on electronic signature and on the amendment and supplementing of certain acts as amended by Act No. 679/2004 Coll., Act No. 25/2006 Coll., Act No. 275/2006 Coll., Act No. 214/2008
More informationFulfilment of the Recovery and Recycling Obligations by Entrepreneurs in Podkarpackie Province
GEOMATICS AND ENVIRONMENTAL ENGINEERING Volume 5 Number 4 2011 Dorota PrzewoŸnik* Fulfilment of the Recovery and Recycling Obligations by Entrepreneurs in Podkarpackie Province 1. Introduction Legal regulations
More informationGuidelines and instructions on security for electronic data interchange (EDI) English translation 2011-06-23 based on Swedish version 2.
Guidelines and instructions on security for electronic data interchange (EDI) English translation 2011-06-23 based on Swedish version 2.0 This is an unofficial translation. In case of any discrepancies
More informationAn introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Mar.2010
An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Mar.2010 Understanding the information security Technology of Encryption and Electronic signature
More informationGT 6.0 GSI C Security: Key Concepts
GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationKey Management Interoperability Protocol (KMIP)
(KMIP) Addressing the Need for Standardization in Enterprise Key Management Version 1.0, May 20, 2009 Copyright 2009 by the Organization for the Advancement of Structured Information Standards (OASIS).
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationKy Vu DeVry University, Atlanta Georgia College of Arts & Science
Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Table of Contents - Objective - Cryptography: An Overview - Symmetric Key - Asymmetric Key - Transparent Key: A Paradigm Shift - Security
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More informationThe Global Standard for Digital Transaction Management. Legal Aspects
The Global Standard for Digital Transaction Management Legal Aspects V.10.0.2014 Definition of electronic signature. According to the Law 59/2003 on Electronic Signatures, it defines an electronic signature
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationSecure Signature Creation Device Protect & Sign Personal Signature, version 4.1
Zentrum für sichere Informationstechnologie Austria Secure Information Technology Center Austria A-1030 Wien, Seidlgasse 22 / 9 Tel.: (+43 1) 503 19 63 0 Fax: (+43 1) 503 19 63 66 A-8010 Graz, Inffeldgasse
More informationA New Efficient Digital Signature Scheme Algorithm based on Block cipher
IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661, ISBN: 2278-8727Volume 7, Issue 1 (Nov. - Dec. 2012), PP 47-52 A New Efficient Digital Signature Scheme Algorithm based on Block cipher 1
More informationRecommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised)
NIST Special Publication 800-56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) Elaine Barker, Don Johnson, and Miles Smid C O M P U T E R S E C
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationVulnerabilities of the usage of digital signature
Vulnerabilities of the usage of digital signature The efforts made concerning the use of the digital signature represent a significant step in the information technology. These efforts do not or just to
More informationApplying Cryptography as a Service to Mobile Applications
Applying Cryptography as a Service to Mobile Applications SESSION ID: CSV-F02 Peter Robinson Senior Engineering Manager RSA, The Security Division of EMC Introduction This presentation proposes a Cryptography
More informationSERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security
International Telecommunication Union ITU-T Y.2740 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2011) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
More information