Server-Side Encrypting and Digital Signature Platform with Biometric Authorization

Автор: Leszek Siwik, Lukasz Mozgowoj

Журнал: International Journal of Computer Network and Information Security(IJCNIS) @ijcnis

Статья в выпуске: 4 vol.7, 2015 года.

Бесплатный доступ

The most important shortcomings of solutions based on public key infrastructure and digital signatures are: costs, ambiguous laws, and nuisance of daily use. The purpose of this article is to discuss the motivation and benefits, as well as a presentation of concepts, high-level architecture, and demonstration of the operation of bioPKI; i.e., a server-side encryption and digital signature platform with biometric authorization. The usefulness of even the most advanced platform of any type is negligible if convenient and easy-to-implement mechanisms are not provided to integrate this solution with external systems and applications. Thus, the possibility of integrating the bioPKI platform with applications and systems supporting PKCS#11 or CryptoAPI CSP is discussed.

Еще

PKI, digital signature, encryption, PKCS, CSP, biometry, finger vein

Короткий адрес: https://sciup.org/15011399

IDR: 15011399

Список литературы Server-Side Encrypting and Digital Signature Platform with Biometric Authorization

  • Ballad B., Ballad T., Banks E., Access Control, Authentication, and Public Key Infrastructure.1st Edition, 2010.
  • Bement, A.L. Security requirements for cryptographic modules, Information Technology Laboratory, National Institute of Standards and Technology, 2001.
  • Bhattacharyya D., Ranjan R., Alisherov A., Choi M., Biometric Authentication: A Review, International Journal of u- and e- Service, Science and Technology Vol. 2, No. 3, September, 2009.
  • Boulgouris N. V., Plataniotis K.N., Micheli-Tzanakou E., Biometrics: Theory, Methods, and Applications (IEEE Press Series on Computational Intelligence). 1st Edition, 2009.
  • Chapman, M.R., SaaS Enterpreneur. The definite guide to success in your cloud application business, Softletter, 2012.
  • Diffie W., Hellman M.E., New Directions In Cryptography, IEEE Transactions in Information Theory 22:(6), 644-654, 1976.
  • Heseltine T., Pears N., Austin J., Chen Z., Face Recognition: A Comparison of Appearance-Based, Proc. VIIth Digital Image Computing: Techniques and Applications, Sun C., Talbot H., Ourselin S. and Adriaansen T. (Eds.), 10-12 Dec. 2003, Sydney.
  • Himaga M., Kou K., Finger vein authentication technology and financial applications, w: Advances in Biometrics, Springer Verlag, London, 2008
  • Huang B., Dai Y., Li R., Tang W., Li W., Finger-vein Authentication Based on Wide Line Detector and Pattern Normalization, International Conference on Pattern Recognition, 2010.
  • Jain A.K., Ross A.A., Nandakumar K., Introduction to Biometrics. 1st Edition, 2011.
  • McGrath, M.P. Understanding PaaS, O'Reilly Media, 2012.
  • Menezes A.J., van Oorschot P.C., Vanstone S.A., Handbook of Applied Cryptography. Edycja V, 2005.
  • Mitnick, K.D., Simon, W.L., Wozniak S., The art of Deception Controlling the human element of security, Wiley Publishing, 2002.
  • Orthacker C., Centner M.,Kittl, C., Qualified Mobile Server Signature, Security and Privacy – Silver Linings in the Cloud, IFIP Advances in Information and Communication Technology, Springer Berlin Heidelberg, 2010https://online.tugraz.at/tug_online/voe_main2.getvolltext?pCurrPk=52961.
  • Schneier, B. Applied cryptography, 2nd Edition, John Wiley and Sons, 1996.
  • Vacca J.R., Public Key Infrastructure: Building Trusted Applications and Web Services. 1st Edition, 2004.
  • Common Criteria for Information Technology Security Evaluation, Part 3: Security assurance components, version 3.1, Revision 4, CCMB-2012-09-003 https://www.niap-ccevs.org/Documents_and_Guidance/ cc_docs/CCPART3V3.1R4.pdf.
  • Government factsheet, February 2010. http://www.epractice.eu/files/eGovernment%20in%20LI%20-%20Feb%202010%20-%208.0.pdf.
  • Microsoft, The Cryptography API, or How to Keep a Secret, 2013 http://msdn.microsoft.com/en-us/library/ms867086.aspx.
  • Cipher Corporation Ltd., nCipher Security World – White paper,2001,http://www.cc.com.pl/pl/prods/ncipher/pdf/ncipher_security_world_wp.pdf.
  • Public Statement on Server Based Signature Services, Forum of European Supervisory Authorities for Electronic Signatures (FESA), October 17, 2005: http://www.fesa.eu/public-documents/PublicStatement-ServerBasedSignatureServices-20051027.pdf.
  • RSA Laboratories, PKCS #11 v2.11: Cryptographic Token Interface Standard, 2001, http://www.clizio.com/download/pkcs-11v2-11r1.pdf.
  • Thales Security World – A secure Key management Architecture for the Thales nShield Family of Hardware Security Modules – Thales White Paper.
  • Polish Digital Signature Act. Dz.U.01.130.1450, on the basis of European directive: EU 1999/93/EC, September 2001.
Еще
Статья научная