Logo des Repositoriums
 

Aspekte der Standardisierung bzgl. der Kommunikation zwischen Signatursoftware und Application-Server

dc.contributor.authorTeichmann, Till
dc.contributor.editorBrömme, Arslan
dc.contributor.editorBusch, Christoph
dc.date.accessioned2019-11-07T08:08:22Z
dc.date.available2019-11-07T08:08:22Z
dc.date.issued2003
dc.description.abstractThis document discusses aspects of standardisation of the communication between a signing application and an application server. In this context, the term signing application should denote a software with two main functions: the software has a secure viewer, to show the user exactly all the information that he would sign (WYSIWYS1), and it offers a signing functionality. In an application workflow based on digital signatures, the signing application is one part of the security infrastructure and needs special security functions to avoid manipulation to the program code. Furthermore, the operating system, the browser and contingently a java virtual machine (JVM) also must be protected, because they are the basic environment of the signing application. The correct functionality of signing application can not be guaranteed, if one of these three parts is being manipulated. To facilitate an efficient risk management, the user's environment will be classified into categories with different security levels. To avoid that the user's PIN2 can be intercepted, the use of a card reader with a pinpad is required. Lots of different signing applications can be found on the market at the moment. Each signing application demands the implementation of a different interface from application server. This lack of standardization inhibits a widespread usage of digital signatures. For the success of digital signatures it is important that many different applications use the digital signatures. If a web side provider wants to use digital signatures, he must decide, which signing applications he wants to support. For each signing application he must implement additional code in the application. The signing applications currently on the market do not only differ in their interface to the application server, but also in the implementation of the secure viewer. Possible approaches to alleviate the security issues and the lack of standardisation are analysed.de
dc.identifier.isbn3-88579-360-1
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/29658
dc.language.isode
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofBIOSIG 2003 – Biometrics and electronic signatures
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-31
dc.titleAspekte der Standardisierung bzgl. der Kommunikation zwischen Signatursoftware und Application-Serverde
dc.typeText/Conference Paper
gi.citation.endPage48
gi.citation.publisherPlaceBonn
gi.citation.startPage39
gi.conference.date24 July 2003
gi.conference.locationDarmstadt
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
GI-Proceedings.31-5.pdf
Größe:
76.92 KB
Format:
Adobe Portable Document Format