Qualified Mobile Server Signature - Security and Privacy - Silver Linings in the Cloud
Conference Papers Year : 2010

Qualified Mobile Server Signature

Abstract

A legal basis for the use of electronic signatures exists since the introduction of qualified electronic signatures in EU Directive 1999/ 93/EC. Although considered as key enablers for e-Government and e-Commerce, qualified electronic signatures are still not widely used. Introducing amobile component addresses most of the shortcomings of existing qualified signature approaches but poses certain difficulties in the security reasoning. The proposed server based mobile signature approach authenticates the signatory over trusted channels and assists the protection of the signature-creation data with organizational measures. As with traditional qualified signature approaches, strong authentication of the signatory to the system is ensured by two factors. Knowledge of a PIN and possession of a valid subscriber identity module card is verified over two separate communication channels. The qualified mobil server signature fulfills the requirements on secure signature-creation devices defined by the EU directive and in particular its Austrian implementation
Fichier principal
Vignette du fichier
9-Paper-213-Mobile_Qualified_Server_Signature-Clemens_Orthacker.pdf (105.33 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01054524 , version 1 (07-08-2014)

Licence

Identifiers

Cite

Clemens Orthacker, Martin Centner, Christian Kittl. Qualified Mobile Server Signature. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. pp.103-111, ⟨10.1007/978-3-642-15257-3_10⟩. ⟨hal-01054524⟩
190 View
312 Download

Altmetric

Share

More