Electronic Signature & Digital Identity
Volume: 2004, No. III
Date: June 2004
Guest Editors: Javier López-Muñoz, Apol·lònia Martínez-Nadal and Ahmed Patel
Contents: Download full issue (PDF 1.5MB)
Electronic Signature & Digital Identity
Most studies agree that citizens, business people and government officials are still very wary of using information and communication technologies, the most important of which is currently the Internet. This lack of trust with regard to the transmission of information over computer networks is a serious obstacle on the path towards progress of important applications areas like e-Government and electronic commerce (e-Commerce). Electronic signature should enable us to raise the real level of security and the security perceived by the players involved in these new scenarios.
Electronic signatures also enable us to verify the source (authenticity) of information received over telecommunications networks, and ensure that it has not been manipulated along the way (integrity). This could already be achieved with conventional cryptography or secret key cryptography, but electronic signatures also ensure that the sender of an electronically signed message cannot subsequently deny having sent it (non-repudiation of source). Public key based electronic signature forms part of what has come to be known as Public Key Infrastructure (PKI). This infrastructure has led to the emergence of certification service providers (or certification authorities) without which the large scale use of electronic signature would not be possible. Certification service providers issue electronic certificates which are electronic documents linking the identity of a person (or entity) to a signature verification public key, which in turn are mathematically linked to a private key that should only be known to the rightful owner of the keys.
In addition to technological solutions (in this case public key cryptography based electronic signature) it was necessary to establish a legal framework in order to maximise users’ trust in the system. In the European Union countries current legislation considers an electronic signature as the equivalent of a handwritten signature (providing, of course, that it complies with certain requirements). Once provided with a suitable legal and technical legal framework, electronic signature should serve as a catalyst for the incorporation of electronic communications security solutions for transactions involving governments and enterprises, thereby benefiting the citizens who use it.
The UPgrade European NETwork section of this issue includes a paper from Mondo Digitale, the main publication from Associazione Italiana per l'Informatica ed il Calcolo Automatico (AICA) in Italy. The paper focuses on the topic of personal identification systems.
The following papers are included in this issue:
- Digital Signature at the Heart of Information Security Development: An Overview by Arturo Ribagorda-Garnacho
- Creating a Cross-Domain Public Key Infrastructure: The Keystone Project by Ahmed Patel
- Certification Practise Statements: The National Mint of Spain’s Experience by Josep-Lluís Ferrer-Gomila and Magdalena Payeras-Capellà
- Electronic Signature Functionality and Security Requirements by Gemma Déler-Castro and Juan-Carlos Cruellas-Ibarz
- Electronic Signature Today: A Manufacturer’s Viewpoint by Francisco Jordan-Fernández and Jordi Buch i Tarrats
- Development of an Integrated Document Management System with Advanced Electronic Signature Service by Iñaki Echevarría-Larrinaga, Oscar García-Jimeno, Juan A. Martín-Zubiaur, Víctor Llorente-Gómez and Javier Areitio-Bertolín
- Digital Signatures and Electronic Documents: A Cautionary Tale Revisited by Petr Švéda and Václav Matyáš Jr.
- Electronic Signature: An Analysis of the Main European and International Legal Regulations by Nadina Foggetti
- Electronic Signatures and Electronic Identity Card in the European Context and in Spanish Law by Apol·lònia Martínez-Nadal
- The UNCITRAL Model Law on Electronic Signatures by Rafael Illescas-Ortiz
- Legal Initiatives on Electronic Signature in Latin America by Mariliana Rico-Carrillo