
1 E-signature Strategies
Alan S. Kowlowitz
Strategic Policies, Acquisitions and e-Commerce
NYS Office for Technology

2 Outline of Class
• Overview of Electronic Signatures and Records Act (ESRA)
• Explanation of ESRA’s definition of an e-signature
• Available approaches to electronic signing
• Guidance on selecting an e-signature approach
• Records management implications of e-signed e-records

3 Overview of Electronic Signatures and Records Act (ESRA)

4 ESRA
Chapter 4, Laws of 1999: State Technology Law, Article 1
• E-records and e-signatures given the same legal validity as paper records and ink signatures
• OFT Electronic Facilitator overseeing implementation
• Use of e-signatures and records is voluntary
  – Govt. must accept hard copies unless otherwise provided by law

5 ESRA
Chapter 4, Laws of 1999: State Technology Law, Article 1
• E-signatures and records can’t be used for:
  – Negotiable instruments
  – Instruments recordable under Art. 9 of the RPL (e.g., deeds)
  – Other instruments whose possession confers title
  – Documents affecting life and death (wills, trusts, do-not-resuscitate orders, powers of attorney, health care proxies)

6 ESRA
Amended by Chapter 314, Laws of New York, 2002
• Amends and expands the definition of “electronic signature” to comport with the federal E-Sign Law
  – Authorizes the use of various e-signature approaches in NYS
• OFT retains its role as “electronic facilitator” and regulator of e-signatures/records
• Adopted into law on August 6, 2002
• Final regulations published in May 2003
• Revised ESRA Guidelines in process

7 ESRA Definition of an E-signature

8
“[A]n electronic sound, symbol, or process, attached to or logically associated with an electronic record and executed or adopted by a person with the intent to sign the record.”
  – Affords the greatest possible flexibility in selecting an appropriate e-signature solution
  – Sets some parameters on what constitutes an e-signature under ESRA

9 ESRA Definition of an E-signature
• “[A]n electronic sound, symbol, or process...”
  – A wide range of “digital objects” may serve as an e-signature
    » Can be as simple as a set of keyboarded characters or as sophisticated as an encrypted hash of an e-record’s contents
  – Allows a process to serve as an e-signature
    » Recorded events of accessing a system are associated with the content to be signed to create a record of the signer’s actions and intent

10 ESRA Definition of an E-signature
• “[A]ttached to or logically associated with...”
  – An e-signature is attached to or logically associated with an e-record during transmission and storage
    » Can be part of the record or maintained separately but associated with the record through a database, index, embedded link or other means
    » The link between e-record and e-signature must be created at signing, maintained during any transmission, and retained as long as a signature is needed, which may be the record’s full legal retention period

11 ESRA Definition of an E-signature
• “[E]xecuted or adopted by a person with intent to sign the record.”
  – E-signature must express the same intent as a handwritten one
  – Must identify an individual who will convey intent
  – Practices that may help avoid confusion:
    » Allow the signer to review the record to be signed
    » Inform the signer that a signature is being applied
    » Format an e-record to contain accepted signature elements
    » Express the signer’s intent in the record or a certification
    » Require the signer to indicate assent affirmatively
    » Record and retain date, time, and the signer’s intent

12 Example of a signature certification statement from the Department of Tax and Finance International Fuel Tax Agreement (IFTA) report (return) filing application.

13 Available Approaches to Electronic Signing

14 E-signature Approaches
• Most e-signature approaches involve a number of technologies, credentials, and processes
  – More accurate to think of a range of approaches to e-signing rather than an array of stand-alone technologies
• Approaches provide varying levels of security, authentication, and record integrity
  – Can combine techniques from various approaches to increase the strength of the above-mentioned attributes

15 Click Through or Click Wrap
• Person affirms intent or agreement by clicking a button
• ID information collected, authentication process (if any) and security procedures can vary greatly
• Commonly used for low risk, low value consumer transactions

16 Personal Identification Number (PIN) or Password (“shared secret”)
• Person enters ID information, PIN and/or password
• System checks that the PIN and/or password is associated with the person
• Authentication is the first part of a process that involves an affirmation of intent
• If over the Internet, the PIN and/or password is often encrypted using Secure Sockets Layer (SSL)

17 Digitized Signature and Signature Dynamics
• Digitized Signature
  – A graphical image of a handwritten signature, often created using a digital pen and pad
  – The entered signature is compared with a stored copy; if the images are comparable, the signature is valid
• Signature Dynamics
  – Variation on a digitized signature
  – Each pen stroke is measured (e.g., duration, pen pressure, size of loops, etc.), creating a metric
  – The metric is compared to a reference value created earlier, thus authenticating the signer

18 Shared Private Key
• Also known as “symmetric cryptography”
• E-record is signed and verified using a single cryptographic key
• The key is shared between the sender and recipient(s)
  – Not really "private" to the sender
• A private key can be made more secure by incorporating other security techniques
  – Smart cards or other hardware tokens in which the private key is stored

19 Public/Private Key Digital Signatures
• Also known as asymmetric cryptography
• Key pair: two mathematically related keys
  – One key used to encrypt a message that can only be decrypted using the other key
  – Cannot feasibly derive one key from the other key
• Private key: kept secret and used to create a digital signature
• Public key: often made part of a “digital certificate” and used to verify a digital signature by a receiving party
• Often used within a Public Key Infrastructure (PKI)
  – Certification Authority (CA) binds individuals to private keys and issues and manages certificates

20 Digital Signatures: Public/Private Key Cryptography
Bob (signer):
• Hash algorithm applied to the message “Hi Alice / Sincerely, Bob” = message digest 12345
• Encrypts the message digest with Bob’s private key, producing the digital signature ##!FV
• Sends the message, the signature ##!FV and his certificate to Alice
Alice (recipient):
• Decrypts the signature ##!FV with Bob’s public key = 12345
• Hash algorithm applied to the received message = 12345
• Validates the message digest: the two values match
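Added example, not part of the presentation or any NYS OFT code, of the slide-20 flow in Python together with the retention fields slides 55 and 57 call for: the record is hashed, the digest is signed with the private key and later revalidated with the public key, and a modified record fails validation. It assumes textbook RSA built from the standard library (no padding; a teaching model, not a production scheme) and a constructed record, signer name and intent statement.

```python
"""Slide-20 flow: hash the record, sign the digest with the private key,
validate with the public key. Textbook RSA from the standard library only,
so it runs offline; real deployments use a vetted library with PKCS#1/PSS
padding. Record, signer and intent values below are constructed."""
import hashlib
import secrets
from datetime import datetime, timezone


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random odd candidate with the top bit set, retried until probably prime."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_key_pair(bits: int = 512):
    """Return (public_key, private_key) as (n, e) and (n, d)."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            break
    n = p * q
    return (n, e), (n, pow(e, -1, phi))  # modular inverse, Python 3.8+


def message_digest(record: bytes) -> int:
    """Slide 20's 'hash algorithm': SHA-256 of the record as an integer (< n)."""
    return int.from_bytes(hashlib.sha256(record).digest(), "big")


def sign_record(record: bytes, private_key, signer: str, intent: str) -> dict:
    """Sign the digest with the private key; keep the slide-57 minimum documentation."""
    n, d = private_key
    now = datetime.now(timezone.utc).isoformat()
    return {
        "record": record,
        "signature": pow(message_digest(record), d, n),
        "signer_identity": signer,
        "authentication_method": "shared-secret PIN (constructed label)",
        "authenticated_at": now,
        "intent": intent,
        "signed_at": now,
    }


def revalidate(package: dict, public_key) -> bool:
    """Decrypt the signature with the public key and compare digests (slide 55)."""
    n, e = public_key
    return pow(package["signature"], e, n) == message_digest(package["record"])


def demo() -> tuple:
    """Returns (intact record validates, tampered record validates)."""
    public_key, private_key = generate_key_pair()
    package = sign_record(b"Hi Alice\nSincerely, Bob", private_key,
                          "Bob (constructed)", "I certify this return is accurate")
    intact = revalidate(package, public_key)
    tampered = dict(package, record=package["record"] + b" -- altered later")
    return intact, revalidate(tampered, public_key)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

Because the package keeps the record, signature, signer identity, authentication event, intent and timestamps together, the slide-10 association survives storage and the signature can be revalidated after migration.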

21 Biometrics
• Person’s unique physical characteristics are measured and converted into digital form or a profile
  – Voice patterns, fingerprints, and the blood vessel patterns present on the retina
• Measurements are compared to a stored profile of the given biometric
• If the measurements and stored profile match, the software will accept the authentication
• Can provide a high level of authentication

22 Smart Card
• Not a separate e-signature approach in itself
  – It can facilitate various e-signature approaches
• A plastic card containing an embedded chip
  – Can generate, store, and/or process data
• Data from the card's chip is read by software
  – After a PIN, password or biometric identifier is entered
• More secure than a PIN alone
  – Both physical possession of the smart card and knowledge of the PIN are necessary
• Can be used to overcome concerns with the shared secret approach to e-signature

23 Additional Factors
• Each general approach to e-signing (e.g., PINs and passwords vs. digital signatures) varies in terms of:
  – Identifying the signer
  – Attributing a signature
  – Securing the integrity of both the record and the signature
• Each can increase security and reduce risk
  – Often independent of the technology selected

24 Signer identification or registration
• Method or process used to identify and authorize a signer to use an e-signature
  – Independent of the e-signature or e-record technology
  – Critical component of any e-signature solution
  – The stronger the identification method, the more assurance that the appropriate person signed

25 Signer identification or registration: Methods
• Self-identification as part of the signing process
• Comparison of user-supplied information with a trusted data source
• Acceptance of a previously conducted and trusted process where individuals personally presented themselves and proof of their identities
• Separate identification process to authorize the use of an e-signature where individuals personally present themselves and proof of their identities


27 Signer Authentication
• Policy, process and procedures used to authenticate the signer
• Establish a link or association between the signer and the information and method used to sign
• The strength of the authentication system can protect against fraud and repudiation

28 Signer Authentication Methods
• Something that only the individual knows: a secret (e.g., password or Personal Identification Number (PIN))
• Something the individual possesses: a token (e.g., ATM card, cryptographic key or smart card)
• Something the individual is: a biometric (e.g., characteristics such as a voice pattern or fingerprint)
• Two-factor authentication: often includes use of a hardware device such as a smart card


30 Signature attests to the record’s integrity
• E-signature approaches provide varying levels of protection against unauthorized access to or tampering with the signed e-record
  – Systems that manage signed e-records can provide protection if they have controls
  – Controls may be needed to ensure that the integrity of the signed e-record is not compromised during transmission
  – Added security is provided by approaches in which signature validation ensures that the e-record has not been modified
    » Digital signatures

31 Selecting an E-signature Approach
A business decision, not just a technical one

32 Is an e-signature needed or desirable?
• Review requirements and risks
  – Creating and maintaining signed e-records may require more resources than unsigned ones
• Consider the following questions:
  – Is there a legal requirement for a signature?
    » Statute of Frauds requires certain contracts to be signed
    » Specific laws and regulations require signatures
  – Is there a business need for a signature?
    » Document that the signer attested to information’s accuracy, agreed to conditions, and/or reviewed contents
    » Higher risk transactions may need the protection against fraud or repudiation provided by e-signatures

33 Business Analysis and Risk Assessment
• ESRA regs § 540.4(c) require govt. entities to conduct and document a business analysis and risk assessment:
  – identifying and evaluating various factors relevant to the selection of an electronic signature for use or acceptance in an electronic transaction. Such factors include, but are not limited to, relationships between parties to an electronic transaction, value of the transaction, risk of intrusion, risk of repudiation of an electronic signature, risk of fraud, functionality and convenience, business necessity and the cost of employing a particular electronic signature process.

34 Business Analysis and Risk Assessment
• Purpose:
  – To identify and evaluate factors relevant to selecting an e-signature approach
  – Does not prescribe a method or set a standard
  – Protects the interest in the use of sound technology and practices when transacting business electronically
• Business analysis and risk assessment are two parts of an integrated process

35 Business Analysis
• Possible components
  – Overview of the business process
  – Analysis of legal and regulatory requirements
  – Identification of standards or accepted practices
  – Analysis of those who will use the e-signature
  – Determination of interoperability requirements
  – Determination of costs of alternatives

36 Business Analysis: Overview of business process and transaction
• Purpose and origins
• Transaction’s place within the larger business process
• Services to be delivered and their value
• Parties to the transaction and other stakeholders
• Transaction’s workflow

37 Business Analysis: Analysis of legal and regulatory requirements
• How the transaction must be conducted
• Signature requirements
  – Are they specifically required, what records need to be signed, who must or can sign, do they need to be notarized
• Records-related requirements
  – What records must be produced
  – How long they need to be retained
  – Who must or can have access to the records
  – Specific formats prescribed for creation, filing or retention
  – Confidentiality requirements
• Importance of the parties’ identities to the transaction

38 Business Analysis
• Identification of standards or accepted practices on how e-transactions are conducted and e-signed
  – May be a key factor in selecting a solution
• Analysis of parties to the e-signed transaction
  – Numbers
  – Location
  – Demographic characteristics
  – Access to technology
  – Accessibility requirements
  – Prior business relationships

39 Business Analysis: Interoperability requirements
• Compatibility with an existing technology environment
• Interoperability or consistency with approaches used by partners
  – Governmental or private
• Leveraging an existing and proven solution

40 Business Analysis: Cost of alternative approaches
• Hardware and software purchases
• Implementing additional policies and procedures
• Personnel to implement policies, procedures, or services
• Training costs
• Maintenance costs, including help desk and user support

41 Risk Assessment
• E-signatures may serve a security function
  – They usually include signer authentication
  – Some approaches provide message authentication and repudiation protection
• Selection of an e-signature solution includes identifying
  – Potential risks involved in a signed e-transaction
  – How e-signature approaches can address those risks

42 Risk Assessment
• Risk is the likelihood that a threat will exploit a vulnerability and have an adverse impact
  – Threat is a potential circumstance, entity or event capable of exploiting a vulnerability and causing harm
  – Vulnerability is a weakness that can be accidentally triggered or intentionally exploited
  – Impact refers to the magnitude of harm that could be caused by a threat
  – Likelihood is the probability that a threat will actually materialize
• To assess risks, an entity should identify and analyze each of the above

43 Risk Assessment: Sources of threat
• Parties to the transaction
• Governmental entity staff
• Malicious third parties such as hackers or crackers

44 Risk Assessment: Vulnerabilities
• Repudiation
  – Possibility that a party to a transaction denies that it ever took place
• Fraud
  – Knowing misrepresentation of the truth or concealment of facts to induce another to act to his or her detriment
• Intrusion
  – Possibility that a third party intercepts or interferes with a transaction
• Loss of access to records
  – For business and legal purposes

45 Risk Assessment: Potential Impacts
• Financial
  – Average dollar value of transactions
  – Direct loss to the governmental entity, citizen or other entity
  – Liability for the transaction
• Reputation and credibility
  – Relationship with the other involved party
  – Public visibility and perception of programs
  – History or patterns of problems or abuses
  – Consequences of a breach or improper transaction
• Productivity
  – Time criticality of transactions
  – Number of transactions, system users, or dependents
  – Backup and recovery procedures
  – Claims and dispute resolution procedures

46 Risk Assessment: Likelihood
• Motivation and capability of the threat
• Nature of the vulnerability
• Existence and effectiveness of controls
• A threat is highly likely where:
  – Its source is highly motivated and capable
  – Controls are ineffective

47 Risk Assessment: Risk Matrix
• High Risk = 11-16
• Medium Risk = 8-10
• Low Risk = 4-7
• Negligible Risk = 1-3

48 Select an E-signature Solution
• Balance business concerns (e.g., user acceptance and ease of deployment) with risk reduction
• Identify overriding concerns
  – An overriding factor might be compatibility with an existing standard or solution
  – Cost may be an overriding factor where risk is low

49 Cost-Benefit Analysis
• Can help entities decide how to allocate resources and implement a cost-effective e-signature solution
  – Used to evaluate the feasibility and effectiveness of each proposed solution to determine which are appropriate
  – Can be qualitative or quantitative
  – Demonstrates that a solution’s cost is justified by the risk it reduces
• Cost-benefit analysis can encompass the following
  – Determining the impact of implementing the solution
  – Determining the impact of not implementing it
  – Estimating the costs of the implementation
  – Assessing costs and benefits against system and data criticality

50 Documenting a Business Analysis and Risk Assessment
• ESRA regulation requires that the BA and RA be documented
  – How, or in what detail, is up to the governmental entity
• Minimum documentation should cover
  – Process used, including factors mentioned in the ESRA regulation
  – Result and decision reached, including justification
• The resulting documentation should be
  – Accurate and readily available
  – Clear and understandable to an outside audience
  – Retained as long as the e-signature solution is used

51 Signed E-records Management Issues

52
• Same issues as with unsigned e-records
  – Focus is on the system and business processes that produce the e-record
• Preserving links between an e-signed e-record’s components is critical
  – Components provide evidence to support the reliability and authenticity of the signed e-record
  – May actually constitute the e-signature itself

53 Signed E-records Management Issues
• Key challenges faced in maintaining e-signed e-records
  – Determining what needs to be retained to constitute a valid signed e-record
  – Preserving the association between the signed e-record’s various components over time

54 Determining what needs to be retained
• Cannot predict what the courts will require
  – Difficult to determine what information will be needed
• The BA/RA used to select the approach can help determine what needs to constitute the signed e-record
• The e-signature method will partially determine what will be retained
  – Digital object: maintain the ability to revalidate e-signatures
  – Signature process: maintain adequate documentation of the e-signature’s validity

55 Determining what needs to be retained
• Digital object (encrypted hash, digitized signature, signature dynamics, other biometric)
  – Evidence that the e-signature was electronically validated
  – Functionality and records needed to revalidate
  – Vary according to the technology or approach used
    » Digital signature: the public key of the presumed signer decrypted the message digest/hash and the hashes matched
    » Biometric: the biometric profile of the signature matched the stored profile

56 Determining what needs to be retained
• Signature is a process (PIN, password, click wrap)
  – Signature does not exist as a discrete object and can’t be revalidated
  – Adequate documentation that the e-signature was valid when it was created must be retained
  – No court decisions on the validity of an e-signature
    » Can’t predict what the courts will require

57 Determining what needs to be retained
• Regardless of e-signature approach, entities should minimally retain documentation of the:
  – Signer’s identity
  – Process used to identify and authenticate the person
  – Date and time an individual was authenticated
  – Signer’s intent
  – Date and time that the signing process was completed

58 Preserving the association between a signed record’s various components
• Systems can manage signed e-records’ components
  – Must be accounted for when systems are planned
• E-records with long retention periods may need to be migrated to a new system or stored offline
  – Need to preserve the association of their various components
  – Should be planned and well documented
  – Conducted in the normal course of business
  – Ensure the records’ authenticity, integrity, and reliability

59 E-signature Strategies Questions and Concerns

60 NYS Office for Technology
Strategic Policies, Acquisitions and e-Commerce
518-473-0224
NYECOM@oft.state.ny.us
http://www.oft.state.ny.us/esra/esra.htm

