Introducing CounterSign

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
M.Sc. Hrvoje Brzica Boris Herceg, MBA Financial Agency – FINA Ph.D. Hrvoje Stancic, assoc. prof. Faculty of Humanities and Social Sciences Long-term Preservation.
Proposal for an achievable, cost effective Security Concept for EOBRs C. Hardinge / A. Lindinger.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
Nathan McMinn, Technical Consultant with Alfresco
Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
 A Web service is a method of communication between two electronic devices over World Wide Web.
Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.
MARK B. JONES PKI DEPLOYMENT FORUM MADISON, WI APRIL 16 TH, 2008 Why do I need a Digital ID?
Digital Signatures, Message Digest and Authentication Week-9.
DIGITAL SIGNATURE.
Bridge Certification Architecture A Brief Overview by Tim Sigmon May, 2000.
Chapter 11 Enhancing an Online Form and Using Macros Microsoft Word 2013.
Digital Signatures and Digital Certificates Monil Adhikari.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.
DIGITAL SIGNATURE(DS) IN VIDEO. Contents  What is Digital Signature(DS)?  General Signature Vs. Digital Signatures  How DS is Different from Encryption?
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Digital Disruption, Alfresco, and Digital Signatures Brian LaPointe VP Sales, Americas CoSign by ARX.
#SummitNow Introducing CounterSign Nathan McMinn Technical Consultant - Alfresco.
Presented by : Piero Milani ( InfoCamere - Italy)Piero Milani InfoCamere - Italy VCD Signature & VCD Verification strategy as seen by InfoCamere ( WP1.
Guided by : VIPUL GAJJAR Prepared by: JIGAR KAKADIYA.
222 About RPost Leader in security since 2000 Endorsed by more than 20 major bar/law associations Used by U.S. Government Used by insurance carriers.
 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.
IMAGE AUTHENTICATION TECHNIQUES Based on Automatic video surveillance (AVS) systems Guided by: K ASTURI MISHRA PRESENTED BY: MUKESH KUMAR THAKUR REG NO:
TAG Presentation 18th May 2004 Paul Butler
Key management issues in PGP
Contract Lifecycle Management In the Disruptive Age
VNF Package Integrity and Authenticity – Public key based
Unit 3 Section 6.4: Internet Security
Cryptography and Network Security
Cryptographic Hash Function
TAG Presentation 18th May 2004 Paul Butler
Public Key Encryption Systems
e-Health Platform End 2 End encryption
B. R. Chandavarkar CSE Dept., NITK Surathkal
Chapter 5: The Art of Ensuring Integrity
Introduction Used for communication to verify
Instructor Materials Chapter 5: The Art of Ensuring Integrity
S/MIME T ANANDHAN.
Digital Signature.
Class 2 Digital Signature Certificate Noida
NET 311 Information Security
Homework #5 Solutions Brian A. LaMacchia
ELECTRONIC MAIL SECURITY
Technical Approach Chris Louden Enspier
ELECTRONIC MAIL SECURITY
CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9
Automated Bulk Signing Solution
Digital Signatures…!.
Instructor Materials Chapter 5: The Art of Ensuring Integrity
Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.
E-Lock ProSigner ProSigner means “Professional Signer” signifying the software that can apply legally enforceable Advanced electronic signatures to electronic.
CDK: Chapter 7 TvS: Chapter 9
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Digital Signatures Reference: Pfleeger , Charles P., Security in Computing, 2nd Edition, Prentice Hall, /7/2019 Ref: Pfleeger96, Ch.4.
Meganet Corporation VME Sign 2004
Instructor Materials Chapter 5: Ensuring Integrity
Public Key Encryption Systems
iSecurity Password-Reset Training
Presentation transcript:

Introducing CounterSign Nathan McMinn Technical Consultant - Alfresco

What are Digital Signatures? “A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document” http://en.wikipedia.org/wiki/Digital_signature

3 Criteria for Digital Signatures Authenticity: Guarantees that a signer is who they say that they are Conveys intent, that the document was intentionally signed for the stated reason

3 Criteria for Digital Signatures Non-repudiation: Ensures that a signer cannot make a claim that their key is secure while simultaneously claiming that they did not sign a document Requires hard to forge signing artifacts

3 Criteria for Digital Signatures Integrity: Verification that a document or message has not been altered since it was signed

How do Digital Signatures Work? Create a hash of the document Sign the hash with a private key (Optionally) embed the signed hash in the document Digital signatures rely on asymmetric encryption to allow signing and verification

PDF vs. Everything Else PDF documents have separate areas for storing content and signatures. This enables a PDF document to have multiple embedded signatures that do not alter the content, and thus, the hash of the content remains consistent across signings. CounterSign supports this via iText

PDF vs. Everything Else, part 2 Any type of document can be signed, but the signature is (generally) a separate artifact With a combination of the document, the signature and the public key of the purported signer, the signature can be verified CounterSign supports this too, including creating signatures, attaching them to the doc, managing the artifacts and verifying the signature.

Project Origin and Direction Origin: The Alfresco PDF Toolkit PDF Toolkit has a digital signature function but it is best suited for automated system signatures set by content rules Not very user friendly for end-users that wish to apply signatures! CounterSign started as a branch in the PDF toolkit, until it became apparent that the scope would be beyond just PDF docs Fork time!

The Old Way The Alfresco PDF toolkit can apply signatures, but the interface is not very user friendly! Origin: The Alfresco PDF Toolkit PDF Toolkit has a digital signature function but it is best suited for automated system signatures set by content rules Not very user friendly for end-users that wish to apply signatures! CounterSign started as a branch in the PDF toolkit, until it became apparent that the scope would be beyond just PDF docs Fork time!

CounterSign Design Goals Simple for non-technical users Self-service (where possible) Simple to administer Self Contained - External PKI integration possible, but not required Regulatory / Standards compliance Self service in this context means enabling a user to automatically generate their own signing artifacts within the constraints laid out by the admin Regulatory requirements are focused on US FDA CFR21 Part 11 Desired standards compliance is focused on CAdES / PAdES / XAdES once dependency issues are resolved.

CounterSign Design Goals, API Java Service API – currently sparse, but growing JavaScript API Signature provider interface for external PKI integration Custom Actions for applying signatures, creating form fields and more Self service in this context means enabling a user to automatically generate their own signing artifacts within the constraints laid out by the admin Regulatory requirements are focused on US FDA CFR21 Part 11 Desired standards compliance is focused on CAdES / PAdES / XAdES once dependency issues are resolved.

A Word on Standards Current CounterSign release (1.0) cannot achieve CAdES / PAdES compliance for PDF documents due to a dependency in Alfresco. Working on it! BouncyCastle version shipped with Alfresco is incompatible with the versions of iText needed for CAdES / PAdES compliance.

Demo

Required Reading Bruno Lowagie’s whitepaper on PDF Signatures: http://itextpdf.com/book/digitalsignatures20130304.pdf

Project and Contact Info Nathan McMinn – Technical Consultant Twitter: @ntmcminn nathanmcminn.com CounterSign: https://github.com/ntmcminn/CounterSign

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.