Skip to main content

Outsourcing digital signatures: a solution to key management burden

Buy Article:

$54.08 plus tax (Refund Policy)

Abstract:

Purpose ? Digital signatures are only enjoying a gradual and reluctant acceptance, despite the long existence of the relevant legal and technical frameworks. One of the major drawbacks of client-generated digital signatures is the requirement for effective and secure management of the signing keys and the complexity of the cryptographic operations that must be performed by the signer. Outsourcing digital signatures to a trusted third party would be an elegant solution to the key management burden. Aims to investigate whether this is legally and technically feasible. Design/methodology/approach ? In this paper's approach a relying party trusts a Signature Authority (SA) for the tokens it issues, rather than a Certification Authority for the certificates it creates in a traditional public key infrastructure scheme. Findings ? The paper argues that passing the control of signature creation to a SA rather than the signer herself, is not a stronger concession than the dependence on an identity certificate issued by a Certification Authority. Originality/value ? The paper proposes a framework for outsourced digital signatures.

Keywords: Communication technologies; Data security; Digital signatures; Information systems

Document Type: Research Article

DOI: https://doi.org/10.1108/09685220610707449

Publication date: 2006-10-01

  • Access Key
  • Free ContentFree content
  • Partial Free ContentPartial Free content
  • New ContentNew content
  • Open Access ContentOpen access content
  • Partial Open Access ContentPartial Open access content
  • Subscribed ContentSubscribed content
  • Partial Subscribed ContentPartial Subscribed content
  • Free Trial ContentFree trial content
Cookie Policy
X
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more