DOI: 10.1145/1626195.1626261
research-article

Extended electronic signature policies

Published: 06 October 2009

Abstract

A signature policy collects the rules to create and validate electronic signatures under which they become binding in a particular transactional context. These policies have been widely adopted to enforce the binding property of signatures in business scenarios. However, current standards only cover the definition of the requirements to be fulfilled by a single signature. As a consequence, business models where more than one signature is required in order to make the transaction effective cannot adhere to the benefits of signature policies. This paper is the first to propose a solution where the dependences and relationships among the signatures generated in the same transaction can be established. In particular, the ASN.1 definition of an extended signature policy is presented along with the procedures to be followed by the transacting parties. This work will be submitted to the IETF PKIX Work Group to be considered as an Experimental Request For Comments document (RFC).


Published In

SIN '09: Proceedings of the 2nd international conference on Security of information and networks
October 2009
322 pages
ISBN: 9781605584126
DOI: 10.1145/1626195

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. ASN.1
  2. e-commerce
  3. electronic signature
  4. extended business model
  5. public key infrastructure
  6. signature policy

Qualifiers

  • Research-article

Conference

SIN '09

Acceptance Rates

Overall Acceptance Rate 102 of 289 submissions, 35%

Article Metrics

  • Total Citations: 0
  • Total Downloads: 264
  • Downloads (Last 12 months): 0
  • Downloads (Last 6 weeks): 0

Reflects downloads up to 04 Oct 2024
