Home // SECURWARE 2016, The Tenth International Conference on Emerging Security Information, Systems and Technologies // View article

Towards Extensible Signature Policies in Brazil: A Case Study

Authors:
Maurício Oliveira
Martín Vigil
Marcelo Carlomagno Carlos
Ricardo Custódio

Keywords: Signature Policy; Digital Signature; Public Key Infrastructure; Time-Stamp.

Abstract:
Signature policies are a set of rules to create and verify signatures. For example, they specify the signature algorithm that a signer should employ and the evidence a verifier must use to verify a signature. Brazil has adopted signature policies to regulate legally binding signatures. Our contribution is to analyze and improve the use of signature policies in Brazil. Our analysis shows that the current policies present a serious issue in situations where the requirements of a signature change. A practical example is when the validity of a signature needs to be extended, e.g., to guarantee non-repudiation time-stamps become required. To address this issue, we propose the extensible signature policies which, in addition to the definition of how a signature is created and verified, specifies which further policies can be applied to the signature. We demonstrate the efficacy of our solution by performing new signature policies and developing a prototype. Furthermore, we argue that our extensible signature policies solution does not require significant changes on existing signature methods and infrastructure.

Pages: 167 to 173

Copyright: Copyright (c) IARIA, 2016

Publication date: July 24, 2016

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-493-0

Location: Nice, France

Dates: from July 24, 2016 to July 28, 2016