Skip to main content
SpringerLink
Log in

Enhancing the Modularity and Applicability of Web-Based Signature-Verification Tools

  • Conference paper
  • First Online:
Web Information Systems and Technologies (WEBIST 2013)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 189))

Included in the following conference series:

  • 545 Accesses

Abstract

Electronic signature are an important concept and crucial tool for security-critical applications. Employing the full potential of electronic signatures requires the availability of appropriate signature-verification tools. Today, a plethora of different signature-verification tools exist that allow users to verify electronically signed files and documents. Unfortunately, most of these tools have been designed for a special use case and lack support for various fields of application. This renders the development of applications based on electronic signatures difficult and reduces usability for end users. To overcome this issue, we propose an improved architecture for signature-verification tools. This architecture ensures flexibility and an easy extensibility by following a plug-in-based approach. The applicability and practicability of the proposed architecture has been assessed by means of a concrete implementation. This implementation demonstrates the proposed architecture’s capability to meet requirements of various different application scenarios and use cases. This way, the proposed architecture and the developed implementation that relies on this architecture contribute to the security, usability, and efficiency of present and future electronic signature-based applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    These requirements basically cover the use of secure signature-creation devices (e.g. smart cards or similar secure elements) and reliance on qualified electronic signatures.

  2. 2.

    https://www.buergerkarte.at/

  3. 3.

    http://eid.belgium.be/en/

  4. 4.

    http://www.id.ee/

  5. 5.

    http://www.personalausweisportal.de

  6. 6.

    http://www.cartaodecidadao.pt/

  7. 7.

    http://www.dnielectronico.es/

  8. 8.

    https://www.handy-signatur.at/Default.aspx

  9. 9.

    http://e-estonia.com/components/mobile-id

  10. 10.

    http://www.unizeto.pl/

  11. 11.

    http://www.webnotarius.eu

  12. 12.

    http://www.signagate.de/

  13. 13.

    http://www.securedsigning.com/

  14. 14.

    http://www.ascertia.com/

  15. 15.

    https://joinup.ec.europa.eu/software/moa-idspss/description

  16. 16.

    https://joinup.ec.europa.eu/software/sd-dss/home

  17. 17.

    http://www.project.peppol.eu/

  18. 18.

    http://www.eu-spocs.eu/

  19. 19.

    Actually, the tool provides also a command line based user interface. However, this interface is not appropriate for an integration of the tool’s functionality into remote third-party applications either.

  20. 20.

    We were forced to define an own schema, since existing schemata were not able to meet our requirements.

References

  1. The European Parliament and the Council of the European Union: Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures (2000). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2000:013:0012:0020:EN:PDF

  2. Leitold, H., Hollosi, A., Posch, R.: Security architecture of the Austrian Citizen card concept. In: Proceedings of 18th Annual Computer Security Applications Conference (ACSAC’2002), Las Vegas, 9–13 December 2002, pp. 391–400 (2002). IEEE Computer Society, ISBN 0-7695-1828-1, ISSN 1063-9527 (2002)

    Google Scholar 

  3. Zefferer, T., Tauber, A., Zwattendorfer, B., Knall, T.: Secure and reliable online-verification of electronic signatures in the digital age. In: Proceedings of the IADIS International Conference WWW/INTERNET 2011, pp. 269–276 (2011)

    Google Scholar 

  4. World Wide Web Consortium: Web Content Accessibility Guidelines (WCAG) 2.0 (2008). http://www.w3.org/TR/WCAG/

  5. RSA Laboratories: PKCS#7: Cryptographic Message Syntax Standard (1993). ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-7.asc

  6. Housley, R.: Cryptographic Message Syntax (CMS) (2009). http://www.ietf.org/rfc/rfc5652.txt

  7. Ramsdell, B., Turner, S.: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification (2010). http://tools.ietf.org/html/rfc5751

  8. World Wide Web Consortium: XML Signature Syntax and Processing, 2nd edn. (2008). http://www.w3.org/TR/xmldsig-core/

  9. Adobe Corporation: Document management Portable document format Part 1: PDF 1.7 (2008)

    Google Scholar 

  10. ETSI TS 101 903: Electronic Signatures and Infrastructures (ESI); XML Advanced Electronic Signatures (XAdES) V1.4.2 (2010)

    Google Scholar 

  11. European Commission: European Commission Decision, Establishing minimum requirements for the cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market, notified under document C (2011) 1081, 2011/130/EU (2011). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:053:0066:0072:EN:PDF

  12. The European Parliament and the Council of the European Union: Directive 2006/123/EC of the European Parliament and of the Council of 12 December 2006 on services in the internal market (2006). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2006:376:0036:0068:en:PDF

  13. Leitold, H., Posch, R., Rössler, T.: Media-break resistant eSignatures in eGovernment: an Austrian experience. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP AICT, vol. 297, pp. 109–118. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  14. Leitold, H., Posch, R., Rössler, T.: Reconstruction of electronic signatures from eDocument printouts. Comput. Secur. 29, 523–532 (2010). Challenges for Security, Privacy and Trust

    Article  Google Scholar 

  15. Stranacher, K., Kawecki, T.: Interoperable Electronic Documents. In: Scholl, Flak, Janssen, Macintosh, Moe, Sbø, Wimmer, (eds.) Electronic Government and Electronic Participation - Joint Proceedings of Ongoing Research and Projects of IFIP EGOV and IFIP ePart 2012. Informatik, Trauner, vol. 39, pp. 81–88 (2012)

    Google Scholar 

  16. OASIS: Digital Signature Service Core Protocols, Elements, and Bindings Version 1.0 (2007). http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.pdf

  17. Gudgin, M., Hadley, M., Mendelsohn, N., Moreau, J.J., Nielsen, H.F.: Soap version 1.2 part 1: Messaging framework (2007). http://www.w3.org/TR/soap12-part1/

  18. Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T.: Hypertext transfer protocol – http/1.1 (1999). http://www.ietf.org/rfc/rfc2616.txt

  19. Bray, T., Paoli, J., Sperberg-McQueen, C., Maler, E., Yergeau, F., Cowan, J.: Extensible Markup Language (XML) 1.1, 2nd edn. (2006). http://www.w3.org/TR/2006/REC-xml11-20060816/

  20. Zefferer, T., Golser, F., Lenz, T.: Towards mobile government: verification of electronic signatures on smartphones. In: Technology-Enabled Innovation for Democracy, Government and Governance - Proceedings of the 2nd Joint International Conference on Electronic Government and the Information Systems Perspective and International Conference on Electronic Democracy, pp. 140–151 (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. E-Government Innovation Center, Inffeldgasse 16a, Graz, Austria

    Thomas Lenz & Klaus Stranacher

  2. Secure Information Technology Center - Austria, Inffeldgasse 16a, Graz, Austria

    Thomas Zefferer

Authors
  1. Thomas Lenz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Klaus Stranacher
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thomas Zefferer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thomas Lenz .

Editor information

Editors and Affiliations

  1. RWTH Aachen University, Aachen, Germany

    Karl-Heinz Krempels

  2. Virtual Vehicle Research Center, Graz, Austria

    Alexander Stocker

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lenz, T., Stranacher, K., Zefferer, T. (2014). Enhancing the Modularity and Applicability of Web-Based Signature-Verification Tools. In: Krempels, KH., Stocker, A. (eds) Web Information Systems and Technologies. WEBIST 2013. Lecture Notes in Business Information Processing, vol 189. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44300-2_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-44300-2_11

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-44299-9

  • Online ISBN: 978-3-662-44300-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation