Server-Side Encrypting and Digital Signature Platform with Biometric Authorization
Автор: Leszek Siwik, Lukasz Mozgowoj
Журнал: International Journal of Computer Network and Information Security(IJCNIS) @ijcnis
Статья в выпуске: 4 vol.7, 2015 года.
Бесплатный доступ
The most important shortcomings of solutions based on public key infrastructure and digital signatures are: costs, ambiguous laws, and nuisance of daily use. The purpose of this article is to discuss the motivation and benefits, as well as a presentation of concepts, high-level architecture, and demonstration of the operation of bioPKI; i.e., a server-side encryption and digital signature platform with biometric authorization. The usefulness of even the most advanced platform of any type is negligible if convenient and easy-to-implement mechanisms are not provided to integrate this solution with external systems and applications. Thus, the possibility of integrating the bioPKI platform with applications and systems supporting PKCS#11 or CryptoAPI CSP is discussed.
PKI, digital signature, encryption, PKCS, CSP, biometry, finger vein
Короткий адрес: https://sciup.org/15011399
IDR: 15011399
Список литературы Server-Side Encrypting and Digital Signature Platform with Biometric Authorization
- Ballad B., Ballad T., Banks E., Access Control, Authentication, and Public Key Infrastructure.1st Edition, 2010.
- Bement, A.L. Security requirements for cryptographic modules, Information Technology Laboratory, National Institute of Standards and Technology, 2001.
- Bhattacharyya D., Ranjan R., Alisherov A., Choi M., Biometric Authentication: A Review, International Journal of u- and e- Service, Science and Technology Vol. 2, No. 3, September, 2009.
- Boulgouris N. V., Plataniotis K.N., Micheli-Tzanakou E., Biometrics: Theory, Methods, and Applications (IEEE Press Series on Computational Intelligence). 1st Edition, 2009.
- Chapman, M.R., SaaS Enterpreneur. The definite guide to success in your cloud application business, Softletter, 2012.
- Diffie W., Hellman M.E., New Directions In Cryptography, IEEE Transactions in Information Theory 22:(6), 644-654, 1976.
- Heseltine T., Pears N., Austin J., Chen Z., Face Recognition: A Comparison of Appearance-Based, Proc. VIIth Digital Image Computing: Techniques and Applications, Sun C., Talbot H., Ourselin S. and Adriaansen T. (Eds.), 10-12 Dec. 2003, Sydney.
- Himaga M., Kou K., Finger vein authentication technology and financial applications, w: Advances in Biometrics, Springer Verlag, London, 2008
- Huang B., Dai Y., Li R., Tang W., Li W., Finger-vein Authentication Based on Wide Line Detector and Pattern Normalization, International Conference on Pattern Recognition, 2010.
- Jain A.K., Ross A.A., Nandakumar K., Introduction to Biometrics. 1st Edition, 2011.
- McGrath, M.P. Understanding PaaS, O'Reilly Media, 2012.
- Menezes A.J., van Oorschot P.C., Vanstone S.A., Handbook of Applied Cryptography. Edycja V, 2005.
- Mitnick, K.D., Simon, W.L., Wozniak S., The art of Deception Controlling the human element of security, Wiley Publishing, 2002.
- Orthacker C., Centner M.,Kittl, C., Qualified Mobile Server Signature, Security and Privacy – Silver Linings in the Cloud, IFIP Advances in Information and Communication Technology, Springer Berlin Heidelberg, 2010https://online.tugraz.at/tug_online/voe_main2.getvolltext?pCurrPk=52961.
- Schneier, B. Applied cryptography, 2nd Edition, John Wiley and Sons, 1996.
- Vacca J.R., Public Key Infrastructure: Building Trusted Applications and Web Services. 1st Edition, 2004.
- Common Criteria for Information Technology Security Evaluation, Part 3: Security assurance components, version 3.1, Revision 4, CCMB-2012-09-003 https://www.niap-ccevs.org/Documents_and_Guidance/ cc_docs/CCPART3V3.1R4.pdf.
- Government factsheet, February 2010. http://www.epractice.eu/files/eGovernment%20in%20LI%20-%20Feb%202010%20-%208.0.pdf.
- Microsoft, The Cryptography API, or How to Keep a Secret, 2013 http://msdn.microsoft.com/en-us/library/ms867086.aspx.
- Cipher Corporation Ltd., nCipher Security World – White paper,2001,http://www.cc.com.pl/pl/prods/ncipher/pdf/ncipher_security_world_wp.pdf.
- Public Statement on Server Based Signature Services, Forum of European Supervisory Authorities for Electronic Signatures (FESA), October 17, 2005: http://www.fesa.eu/public-documents/PublicStatement-ServerBasedSignatureServices-20051027.pdf.
- RSA Laboratories, PKCS #11 v2.11: Cryptographic Token Interface Standard, 2001, http://www.clizio.com/download/pkcs-11v2-11r1.pdf.
- Thales Security World – A secure Key management Architecture for the Thales nShield Family of Hardware Security Modules – Thales White Paper.
- Polish Digital Signature Act. Dz.U.01.130.1450, on the basis of European directive: EU 1999/93/EC, September 2001.