Signed metadata: method and application
UKOLN, a centre of expertise in digital information management (www.ukoln.ac.uk)

Presentation transcript:

Signed metadata: method and application
International Conference on Dublin Core and Metadata Applications, 3 – 6 October 2006, Mexico
Julie Allinson (presenter), Repositories Research Officer, UKOLN, University of Bath
Emma Tonkin (author), Interoperability Focus Officer, UKOLN, University of Bath

Contents
Overview
Introduction
Brief background on digital signatures
Signing DC metadata – approaches and issues
Use cases

Overview
Why do we need to digitally sign metadata records?
Currently, we (probably) don’t, but …
increasing numbers of metadata providers + additional ways of reusing data = increasing issues of trust, provenance and identity
Digitally signing metadata records through a Public-Key Infrastructure (PKI) is one potential solution

Introduction
The current digital library world works on
  – Implicit trust – metadata providers are trusted because we ‘know’ them
  – Explicit trust – e.g. the OAI-PMH tag provides information
  – A small network of trusted and responsible organisations
In the future, we can envisage
  – Metadata-enabled filesystems
  – Increased informal metadata tagging services
  – Larger-scale networks
  – More opportunities for abuse, e.g. spamming
  – Less accountability and responsibility (= less trust)

Digital signatures
Date back to 1976
Use cryptographic techniques
Similar to handwritten signatures
Permit the verification of messages
The most common solution is Public-Key Infrastructure (PKI)

PKI – how does it work?
A digital signer has 2 keys
  – Private key – used to create the signature
  – Public key – used by third parties to verify the author
Public keys are distributed by a distribution system, e.g. a key server containing keys and identity information
PKI is useful in establishing a network of trust … but it has limitations
  – It is possible to produce a key with a fictitious, false or stolen identity

Signing Dublin Core metadata
Dublin Core is unusual in that it can be represented in different ways, e.g. XML, RDF, XHTML
Approaches
  – The XML Signatures standard provides flexible methods for signing and verifying data objects in XML
    An XML metadata record could be wrapped within an XML Signature
  – OpenPGP is an alternative mechanism
    OpenPGP could be used to sign the name-value pairs within a metadata record
A standardised approach is required for both mechanisms

XML Signatures (1)
( ( )? )+ ( )? ( )*
“XML digital signatures are represented by the Signature element which has the following structure (where "?" denotes zero or one occurrence; "+" denotes one or more occurrences; and "*" denotes zero or more occurrences)” (from )

XML Signatures (2)
Reference URI=' signed-dc-record'>
(the type of signature used)
(contains the signature, an encrypted value)
signed-dc-record

UKOLN... UKOLN, University of Bath " (see )

Minimum components of a signature
XML Signatures is not the only method for signing metadata. The following information would be needed for any signature:
  – character set, encoding
  – current character encoding (to enable conversion)
  – signature method (e.g. sha1)
  – ID – the ID of the signer, could be an address
  – the signature itself, analogously referred to in XML-Signature as ‘digestvalue’
  – information about the signed item, such as the metadata schema
    for example, use of ‘oai-dc’ might be taken to mean ‘expect all of the oai-dc elements to be present in key-value pairs, check the signature over all of them’

Issues in signing metadata
Changes in encoding and/or character set will invalidate signatures
A signature is also invalidated if changes are made to the metadata record.
  – The ‘new’ package should be re-signed by whoever makes those changes and the original signed package is effectively lost.
How do we maintain the integrity of the original signature and the original metadata record?
Alternative methods
  – digital amendments or annotations appended outside of the original package
    Information supplied by an OAI harvester might be signed by the OAI harvester (amendments/annotations) and/or by the repository (unchanged metadata).
  – Undersigning all metadata by the harvester offers a kind of ‘traceroute’ to show the history of that record
  – But it could lead to large packets of metadata being transferred around networks
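
An added example, not part of the presentation: it builds an envelope from the minimum components listed above and shows why the charset has to travel with it. Assumptions: the 'name:length:value' canonical form, NFC normalisation, SHA-256 in place of the slide's sha1 example, and a constructed sample record and signer address. The private-key signature a signer would apply over the envelope is omitted, so only the digest stage is shown.

```python
import hashlib
import hmac
import unicodedata

# The 15 Dublin Core elements, in the fixed order used for the canonical form.
OAI_DC = ("contributor", "coverage", "creator", "date", "description",
          "format", "identifier", "language", "publisher", "relation",
          "rights", "source", "subject", "title", "type")
ALLOWED_METHODS = {"sha256"}  # verifier-side allow-list, never taken from the envelope

def canonical_text(record):
    """Serialise every oai-dc element (empty if absent) as 'name:length:value'."""
    unknown = set(record) - set(OAI_DC)
    if unknown:
        raise ValueError(f"elements outside the signed schema: {sorted(unknown)}")
    lines = []
    for name in OAI_DC:
        value = unicodedata.normalize("NFC", record.get(name, ""))
        # The character-count prefix keeps a value that contains newlines
        # from imitating the element that follows it.
        lines.append(f"{name}:{len(value)}:{value}\n")
    return "".join(lines)

def make_envelope(record, signer_id, charset="utf-8", method="sha256"):
    """Minimum components from the slide; a private-key signature would cover this."""
    payload = canonical_text(record).encode(charset)
    return {"charset": charset, "method": method, "signer": signer_id,
            "schema": "oai-dc",
            "digestvalue": hashlib.new(method, payload).hexdigest()}

def verify(envelope, payload, current_charset):
    """Convert payload from its current charset to the signed one, then compare."""
    if envelope["method"] not in ALLOWED_METHODS or envelope["schema"] != "oai-dc":
        return False
    try:
        text = unicodedata.normalize("NFC", payload.decode(current_charset))
        signed_form = text.encode(envelope["charset"])
    except (UnicodeError, LookupError):
        return False
    digest = hashlib.new(envelope["method"], signed_form).hexdigest()
    return hmac.compare_digest(digest, envelope["digestvalue"])

# Constructed sample record and signer address, for illustration only.
SAMPLE = {"title": "M\u00e9tadonn\u00e9es sign\u00e9es", "creator": "A. Example",
          "date": "2006-10-03"}
ENVELOPE = make_envelope(SAMPLE, "mailto:signer@example.org")
```

Hashing the ISO-8859-1 form of the record directly does not match the envelope, while `verify()` on the same bytes with `current_charset="iso-8859-1"` does, which is the conversion the 'current character encoding' component exists to enable.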

Provenance in aggregation
Currently
  – aggregators are most likely to harvest content from the originating repository
In the future the repository ecology looks much more complex
  – increased repository numbers and sharing metadata between repositories
  – more aggregators and aggregation of content from more sources
  – increased availability of informal metadata sources
Current trust mechanisms (perceived integrity of the source) do not scale
PKI could be used to identify the origination of the metadata and its route through other repositories and/or aggregators

Potential applications
A public-key infrastructure adds complexity, resource and infrastructure overheads
It is valuable only where the functionality is explicitly required or provides clear advantages
Some examples
  – Provenance in aggregation
  – A distributed metadata cloud
  – Metadata handling and trust in mobile devices and ad-hoc networks

Distributed metadata cloud
= a loosely coupled, interoperating collection of heterogeneous metadata sources and other services
Information is seamlessly passed between members of the ‘cloud’
Identifying provenance and identity provides
  – A trust mechanism for assessing the potential value of information
  – A verifiable transmission path and origin of annotations
  – Access to additional information about the data source

Mobile devices and ad hoc networks
In a centralised system it is relatively easy to ascertain the originator of information …
but with increasingly pervasive ad hoc Internet access offered in a decentralised way, lightweight PKI can help identify each stage in the chain and thereby help us distinguish the spam from the trusted

Conclusion
Issues of provenance and identity are dealt with in the current digital library realm by the perceived integrity of a source
As the number of metadata sources and aggregators increases, these informal mechanisms may prove insufficient and metadata may be subject to abuse
Digitally signing metadata records can help to identify provenance
Public key infrastructure functionality offers particular cryptographic methods for digitally signing metadata
And can help to create new networks of trust