1 Integrating digital signatures with relational database: Issues and organizational implications By Randal Reid, Gurpreet Dhillon. Journal of Database.

Presentation transcript:

1 Integrating digital signatures with relational database: Issues and organizational implications By Randal Reid, Gurpreet Dhillon. Journal of Database Management. June 2003 Presented By Madhavi Kollu

2 Agenda/Topics to be covered  Encryption basics  Digital signature concepts  Normalization  Integration of Digital signatures and Relational databases  Conclusion

3 Encryption  Protects  The contents of a message  Ensures confidentiality  Encryption types  Symmetric: a single key is used  Asymmetric: two keys generated as a pair  Figure 1 shows an asymmetric encryption

4 Encryption(2)

5 Digital Signatures  Ensures  Data integrity  Authentication  Meets the E-sign act’s requirements  Figure 2 shows a digitally signed plain text message.

6 Digital Signatures(2)

7 Digital Signatures(3) Integrity of the Message  The data has not been modified since it was signed.  Cryptographic hash functions  SHA-1  MD5

8 Digital Signatures(4)  The hash is encrypted using the sender’s private key.  The receiver runs the same hash algorithm against the plain text file.  The encrypted hash is decrypted using the sender’s public key. The two hashes are compared.  Figure 3 depicts the digital signature process

9 Digital Signatures(5)

10 Digital Signatures(6) Authentication of the sender  Proof of the origin  Methodologies  PGP (Pretty Good Privacy): provides authentication through a web-of-trust process  X.509 structure: based on a hierarchical model, one trusted endorser, root certificate authority (Ex:

11 Digital Signatures(7)

12 Normalization  Prevents  Data redundancy  Data inconsistency  6 levels of normalization are shown in Table 1.  Figure 5 is an example of this process.

13 Normalization(2)

14 Normalization(3)

15 Integration of digital signatures and Relational databases  Two Models of Integration  Separated model  Integrated model  Separated model  Manually transfers the data from the signed document into the relational database.  Stored electronically for later retrieval.  This model is shown in Figure 6.

16 Integration of digital signatures and Relational databases(2)

17 Integration of digital signatures and Relational databases(3)  Integrated model  The signed document is decomposed into elements and placed into the relational data structure including the digital signature and the certificate chain portions of the document.  To verify the transaction at a later point in time, the entire document is retrieved from the relational data structures and reassembled into its original form.  This model is shown in Figure 7.
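
The integrated model above, combined with the hash, sign and compare steps from slide 8, as an added sketch that is not from the paper or the presentation. The table names, field names and the toy RSA key are assumptions made for illustration, and SHA-256 is used in place of the SHA-1/MD5 named on the slides.

```python
import hashlib
import sqlite3

# Toy RSA key built from two publicly known Mersenne primes (constructed for
# illustration only; textbook RSA without padding is not secure).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent

def canonical(fields):
    """Serialize (name, value) pairs in a fixed order so the bytes are reproducible."""
    return "\n".join(f"{k}={v}" for k, v in sorted(fields)).encode()

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(fields):
    """Sender: hash the document, then apply the private key to the hash."""
    return pow(digest(canonical(fields)), D, N)

def store(db, doc_id, fields, signature):
    """Integrated model: decompose the signed document into relational rows."""
    db.execute("CREATE TABLE IF NOT EXISTS element(doc_id, name, value)")
    db.execute("CREATE TABLE IF NOT EXISTS signature(doc_id PRIMARY KEY, sig)")
    db.executemany("INSERT INTO element VALUES (?, ?, ?)",
                   [(doc_id, k, v) for k, v in fields])
    db.execute("INSERT INTO signature VALUES (?, ?)", (doc_id, hex(signature)))

def verify(db, doc_id):
    """Receiver: reassemble the document, rehash it, compare with the recovered hash."""
    fields = db.execute("SELECT name, value FROM element WHERE doc_id = ?",
                        (doc_id,)).fetchall()
    row = db.execute("SELECT sig FROM signature WHERE doc_id = ?", (doc_id,)).fetchone()
    if row is None:
        return False
    return pow(int(row[0], 16), E, N) == digest(canonical(fields))

def demo():
    db = sqlite3.connect(":memory:")
    order = [("customer", "ACME"), ("item", "widget"), ("quantity", "10")]
    store(db, 1, order, sign(order))
    before = verify(db, 1)
    # A direct UPDATE on one element changes the reassembled document.
    db.execute("UPDATE element SET value = '1000' WHERE doc_id = 1 AND name = 'quantity'")
    return before, verify(db, 1)

if __name__ == "__main__":
    print(demo())
```

Verification only works if reassembly reproduces the signed bytes exactly, which is why the serialization order is fixed; any row changed outside the signing path makes the stored signature fail.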

18 Integration of digital signatures and Relational databases(4)

19 Comparing separate and integrated storage of signed documents Separate Model  Advantages  Inexpensive  Limitations  Redundancy and breakdown in the integrity of the system.  High error rates. Integrated Model  Advantages  Better performance and data integrity.  Limitations  Relatively high cost  Difficulty in the integration process

20 XML digital signature  XML digital signature specification. (  Advances in XML digital signatures incorporate confidentiality, authenticity, data integrity and non-repudiation.  The format for an XML digital signature is shown in Figure 8.

21 XML digital signature(2)

22 Discussion & Conclusion  The separated model is low-cost, but the integrated model provides better performance and data integrity  Available products such as DBsign from Gradkell Systems, Inc (  Challenges from an organizational standpoint in creating a level of trust  With proper planning, tools and controls in place, integration is achievable

23 QUESTIONS ???