Signature Creation Devices Research Articles

Method for Information Security Events Detection in a Cloud Signature Systems

The parameters and mechanisms that can be used as the basis for a method for detecting information security events in cloud signature systems, where the signature activation protocol is used, and the development of such a method are substantiated. The following parameters are proposed: the number of signed electronic documents, the number of incorrect authentication attempts to access the user’s personal key, the rate of comparing the hash value of the signed documents, and the rate of sending the hash value of the signed data in the signature creation device. It is recommended to base the method on the mechanisms of mathematical statistics in relation to the listed parameters. The description and results of testing the developed method, the number of false positive and false negative results of the analysis of information security events in cloud signature systems are presented. The obtained values turned out to be less than similar indicators typical for the results of analysis carried out using other existing methods. This is the main advantage of the proposed method compared to its analogues.

An integrated approach for electronic identification and central bank digital currencies

This paper outlines a proposal for how to implement Central Bank Digital Currencies (CBDC) based on open banking standards and supports both account-based and token-based CBDC models, transacting online and offline with immediate finality, while recognising the European PSD2 requirements, including (multi-factor) strong customer authentication (SCA). The authors recognise the limitations with current smartphone technologies with respect to deploying trusted applications and in performing the role of a qualified signature creation device - highly relevant to offline scenarios. In some cases, the authors recommend regulatory review, in others they recommend taking full advantage of the existing capabilities of the separated secure execution environment by dividing the control of a CBDC transaction between both payee and payer devices, so that if one device was compromised, this does not undermine the whole transaction. It balances the need for anonymity with financial crime regulatory requirements and suggests that a CBDC wallet can be enriched with eID capabilities, or vice versa. The wallet is bound to the person’s identity, their device and software via a chain of trust (eIDAS for the EU or similar for non-EU countries). The authors combine this with self-sovereign identity (SSI) principles to maximize privacy and minimize information sharing with a third party

May the advanced biometric electronic signature be applicable in public administration?

Electronic signature is a technology-neutral collective noun. Therefore, several different implementations compose the known types of electronic signatures. Many classifications may be defined, for instance from technological and legal aspects. In reference to acceptability, legal status of a given signature seems to be the most important attribute for transaction partners in the e-Administration. Full probative force is usually required by Public Administration and it is also a need for building trust between untrusted partners. It can be achieved by the well-known qualified electronic signature. The qualified signature creation method requires a secure qualified electronic signature creation device and qualified certificate, although in many cases a simpler but still secure signature is also able to fulfil legal requirements ensuring the validity of transactions. On the citizen side, device dependency and relating costs were considered the major obstacles against overall usage of electronic signature technology between 2005 and 2015. Our paper intends to argue that creating advanced electronic signature is not impossible by using the signatory's biometric data and it may also be an optionally client-friendly, but not a device-free part of the e-Administration, beside the citizen card.

A mobile network operator-independent mobile signature service

Electronic signature (e-signature) is an important element in electronic commerce and government applications because it guarantees non-repudiation of transactions. E-signatures generated in a secure signature creation device can be considered legally equivalent to a handwritten signature. Mobile devices based on SIM/USIM cards, which are broadly extended, are the ideal devices to create these e-signatures (named mobile signatures or m-signatures). Furthermore, thanks to m-signatures the development of m-signature-based applications becomes simpler for mobile application/service providers. There are several solutions to create m-signatures. However, current solutions present some problems: either they require that the solution is developed by every mobile network operator or the components to implement it in the mobile handset are too complex. As a solution to these problems we present an m-signature service that is not linked to a mobile network operator and where the client has more control over the signatures to perform them in an easier way. This paper presents the description and analysis of this new m-signature service as well as the prototype that is being tested in the University of Murcia.