SlideShare ist ein Scribd-Unternehmen logo

XML Digital Signature Concepts

H
Hüseyin Çakır

This document provides an overview of basic concepts for the ekoSign senior project. It discusses digital signatures and how XML can be used to achieve success in e-business processes. It describes the business challenges of information flows in a supply chain and how a company's policies can define authorization levels for internal, external, and internal departmental information flows. It also outlines the process for signing documents, including retrieving certificates and submitting signed documents. Finally, it explains the structure of XML documents and how XML digital signatures can provide authentication and integrity for business transactions.

TechnologieBusiness
1 von 11
Downloaden Sie, um offline zu lesen
SENIOR PROJECT 2007-2008 (Basic concepts of the ekoSign project) 3. Basic Concepts XML Digital Signature: Use and Adaptation to Achieve Success in E-business Processes Project team members Hüseyin Çakır, Mehmet Mesut Özışık, Yılmaz Kaya Abstract:This paper presents basic concepts that are needed during project implementation. At first part of the document the description of supply chain and it's elements are explained with motivation to the business challenges, company policies in an organization and some terminologies about XML Signature including digital signatures. Keywords:Digital signature, e-business, supply chain, XML signature. http://groups.google.com/group/digitalsignature digitalsignature@googlegroups.com PRINT DATE: 12/25/07 1
During 80s business start to be conducted over internet especially after emergence of high speed communication networks as a result of this a lot of companies try to carry their internal and external operations using digital rather than traditional manual documentation. Constructing new procedures in data exchange become highly needed to fulfill e-commerce mechanisms. At this point XML become the most important source to be used in digital signature processes. XML Signature helps business actions to be authenticated and made accessible in business processes. There are also some shortcomings of the current XML signature procedures, first of all current technology is capable of providing signing capabilities for final document however in business logic there is a significant need to construct partial document ownership. Signature binding to the whole document is not a feasible solution in e-business, in fact participants in business need to make individual modifications on the document. According to Gupta, partial document ownership involves assigning ownership of the content to an individual when that individual changes part of a document. Clearly, partial document ownership requires that a document be recognized as a collection of objects [1]. 3.1 Business Challenge To understand business challenges, initially we had to understand supply chain concept in business. Supply chain consists of all stages involved directly or indirectly in fulfilling customer requests. As emphasis is on the customer, companies are reassessing their supply-chain processes. For companies to succeed, today's supply chains must be quick enough to respond to customer demands. In supply chain there are five main stages suppliers, manufacturers, distributors, retailers and customers. Also there are three types of flows product, information and fund. Information flow is the main issue to focus in digital signature processing. Information deeply affects every part of the supply chain. Its impact is easy to underestimate, as information affects a supply chain in many different ways. Consider the following; 1.Information serves as the connection between various stages of a supply chain, allowing them to coordinate and maximize total supply chain profitability. 2.Information is also crucial to the daily operations of each stage in supply chain [2]. In business, flows can be classified in two categories as internal flow and external flow. Figure 3.1 is the main motivation of our project which underlies the tree main information flow: • • Information flows inside the company between departments which is called internal flow. Information flows coming from outside of the company which are called external flow and information flows inside the departments themselves. 2
Figure 3.1 Internal & external information flows. Our concern is to make information flows more efficient in a business structure by using XML in work flow applications. In work flows documents are moving around a community of people who perform particular tasks in business. XML is the best source to use in these application as XML has a structure like paper documents people are already using. To analyze work flows more concretely ; we have to think more technically, in traditional way of handling of information flow, data is kept in a database and when needed ad-hoc queries are used to get them, but this approach does not support the work flow. Typically in a document-based work flow, a document goes through a number of iterations as different people add to its content so XML structure is more effective to manage data on a work flow. 3.2 Company Policy Policies are high-level documents that represent corporate philosophy of an organization. In addition to the corporate policies, an organization should also define lower level of policies for departments and individual divisions. These lower level policies should have aligned philosophies with corporate level policies. Information system management policy is also one of the lower level policies that reflect the implementation of policies and procedures developed for various information system related management activities. Information system management policies will often set the stage in terms of what tools and procedures are needed for the organization in other words they are the frameworks for defining how a particular work should be performed. The project team should set a clear policy direction in line with business objectives and demonstrate support for, and commitment to, information security through the issue and maintenance of an information security policy across the organization [3]. Company policy will be constructed according to these three flows; Internal organization flows, external organization flows and flows inside company's departments. The XML documents' structure will be used to create policy levels. For instance, a company maintains it's order records in XML. Each record consist of the order name, order priority, order time and digital signature. • Nodes inside Sales Department of the company (information flow inside department) is allowed to see the entire order record, and modify order records so will have a most authorized digital signature. 3
• • Internal nodes (other department e.g. Warehouse) are allowed to see the order name,order priority and order time, and only modify order time. External nodes are only allowed to see the order name, order priority and order time. Cannot modify any part of the record. So all these nodes must have different levels of authorization according to their positions at company policy. Moreover, every nodes has different level of authorization. For instance, Sales Managers' authorization level is different than Sales Representatives'. While Sales Managers are allowed to sign documents that has high order costs Sales Representatives cannot sign these type of documents as a result of company policies defined by the organization. 3.3 Process Flow for Document Signing Figure 3.2 presents the conceptual diagram of a prototype document signing system. The system involves an integration of digital signature technology with organizational sign-on initiatives and a document management system. Figure 3.2 The process flow for document signing. The process flow for document signing as follows; Retrieve certificate: Before starting to sign documents with a digital signature, users need to download a personal certificate from a certificate server to their PC. This can be done by submitting on-line authentication to the certificate server or by using plug-in certificate tools (e.g. RSA's web passport.). Certificate can be stored in user's PC for future use or deleted after signing. Obtain the document: Users can download document from any file server in use. When user is checking out a document, other users can be prevented from obtaining that document with write access. However, many file servers write file information to the documents, which in turn, invalidates digital signatures. Signing the document: User can use digital signature plug-in tools that are compatible with document creation software to sign or validate signatures on document. Submit the signed document: After signing a document, users can check document back into file server, which then lets other authorized users have complete access to it. Locking down the document: When all individuals of the contract process have signed in the document, the document can be locked down and moved to an access-controlled directory in the file server [1]. 4
3.4 Extensible Markup Language (XML) XML is a simple, very flexible text format derived from SGML (ISO 8879). Originally designed to meet the challenges of large-scale electronic publishing, XML is also playing an increasingly important role in the exchange of a wide variety of data on the Web and elsewhere. The XML standard has been developed and quickly a large number of software vendors have adopted the standard. XML will be the most common tool for all data manipulation and data transmission. The features that make XML so powerful for business transactions (e.g. , semantically rich and structured data, text-based, and Web-ready nature) provide both challenges and opportunities for the application of encryption and digital signature operations to XML-encoded data. For example, in many work flow scenarios where an XML document flows stepwise between participants, and where a digital signature implies some sort of commitment or assertion, each participant may wish to sign only that portion for which they are responsible and assume a concomitant level of liability. Older standards for digital signatures provide neither syntax for capturing this sort of highgranularity signature nor mechanisms for expressing which portion a principal wishes to sign. As XML becomes a vital component of the emerging electronic business infrastructure, we need reliable, secure XML messages to form the basis of business transactions. One key to enabling secure transactions is the concept of a digital signature, ensuring the integrity and authenticity of origin for business documents. XML Signature is an evolving standard for digital signatures that both addresses the special issues and requirements that XML presents for signing operations and uses XML syntax for capturing the result, simplifying its integration into XML applications [4]. 3.4.1 Layout of an XML Document XML divides documents into two main parts which are; • • Plain part of document. (Users insert their messages which they need to send.) XML Signature part. (Signatures that constructs signature process according to polcies.) A basic example to use of XML for a company can be seen below. The whole document is covered as a root element "progressReport". In the root element there are two departments "Sales Department" and "Warehouse" that are communicating with each other through the "plainPartOfDocument". Security issues can be controlled by "digitalSignature" element. Both two departments have different signatures related to their part of the document's content (Figure 3.2) . Figure 3.3 General layout of XML. 5
<progressReport> <salesDepartment> Plain part of document for Sales Department at our example <plainPartOfDocument> X-product stock out!, new shipment needed. </plainPartOfDocument> Sample Digital Signature <digitalSignature> X6fshSf45ZS63a56ta35 </digitalSignature> </salesDepartment> <warehouse> Plain part of document for Warehouse at our example <plainPartOfDocument> Distribution of X- product is waiting to be approved. </plainPartOfDocument> Sample Digital Signature <digitalSignature> sf789HaODh67s8h7shs7 </digitalSignature> </warehouse> </progressReport> Figure 3.4 Detailed document layout. One of the most important benefits of XML is its extensibility. This feature can be used in our example by adding another department "management" into the "progressReport". XML is also platform-independent so that documents can be used on various systems. <management> <plainPartOfDocument> MESSAGE </plainPartOfDocument> <digitalSignature> adgX8d6g686g6A6dgsKCkvm </digitalSignature> </management> 6
3.4.2 XML Digital Signature Concept Digital signatures are important because they provide end-to-end message integrity guarantees, and can also provide authentication information about the originator of a message. In order to be most effective, the signature must be part of the application data, so that it is generated at the time the message is created, and it can be verified at the time the message is ultimately consumed and processed. An XML signature would define a series of XML elements that could be embedded in, or otherwise affiliated with, any XML document. It would allow the receiver to verify that the message has not been modified from what the sender intended. The XML-Signature Syntax and Processing specification (abbreviated in this article as XML DSIG) was a joint effort of the W3C and the IETF. It's been an official W3C Recommendation since February 2002 [5]. A top-level of XML Signature document is fairly simple. It has information about what is being signed, the signature, the keys used to create the signature, and a place to store arbitrary information: <element name="Signature" type="ds:SignatureType"/> <complexType name="SignatureType"> <sequence> <element ref="ds:SignedInfo"/> <element ref="ds:SignatureValue"/> <element ref="ds:KeyInfo" minOccurs="0"/> <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> </sequence> <attribute name="Id" type="ID" use="optional"/> </complexType> There are eight main concepts that is used in the XML layout : • • • • • • • • Id ds:SignatureValue ds:Object ds:SignedInfo ds:KeyInfo Reference Element Transforms Element Manifest Element Id The global Id attribute allows a document to contain multiple signatures, and provides a way to identify particular instances. Multiple signatures are common in business policies, such as when both the manager and the Travel Office must approve a trip application. 7
ds:Signature Value Element This element contains the actual signature. As signatures are always binary data, XML DSIG specifies that the signature value is always a simple element with Base64-encoded content: <element name="SignatureValue" type="ds:SignatureValueType"/> <complexType name="SignatureValueType"> <simpleContent> <extension base="base64Binary"> <attribute name="Id" type="ID" use="optional"/> </extension> </simpleContent> </complexType> ds:Object Element An XML DSIG can cover multiple items. An item will often be able to stand on its own, such as a Web page or XML business document, but sometimes an item is best treated as metadata for the "true" content being signed. For example, the data might be a "property" of the signature, such as a time stamp for when the signature was generated. The ds:Object element can be used to hold such data within the Signature: <element name="Object" type="ds:ObjectType"/> <complexType name="ObjectType" mixed="true"> <sequence minOccurs="0" maxOccurs="unbounded"> <any namespace="##any" processContents="lax"/> </sequence> <attribute name="Id" type="ID" use="optional"/> <attribute name="MimeType" type="string" use="optional"/> <attribute name="Encoding" type="anyURI" use="optional"/> </complexType> ds:SignedInfo Element The content of ds:SignedInfo can be divided into two parts, information about the SignatureValue, and information about the application content, as we can see from the following XML Schema fragment: <element name="SignedInfo" type="ds:SignedInfoType"/> <complexType name="SignedInfoType"> <sequence> <element ref="ds:CanonicalizationMethod"/> <element ref="ds:SignatureMethod"/> <element ref="ds:Reference" maxOccurs="unbounded"/> </sequence> <attribute name="Id" type="ID" use="optional"/> </complexType> 8
ds:KeyInfo Element Recall that content is protected by using indirection: the ds:SignatureValue covers the ds:SignedInfo, which contains ds:References that contain the digest values of the application data. Change any of those things, and the chain of math computations is broken, and the signature won't verify. The only thing left to do is to identify the signer, or at least the key that generated the signature (or, more cryptographically, the key that protects the digest from being modified). This is the job of the ds:KeyInfo element: <element name="KeyInfo" type="ds:KeyInfoType"/> <complexType name="KeyInfoType" mixed="true"> <choice maxOccurs="unbounded"> <element ref="ds:KeyName"/> <element ref="ds:KeyValue"/> <element ref="ds:RetrievalMethod"/> <element ref="ds:X509Data"/> <element ref="ds:PGPData"/> <element ref="ds:SPKIData"/> <element ref="ds:MgmtData"/> <any processContents="lax" namespace="##other"/> <!-- (1,1) elements from (0,unbounded) namespaces --> </choice> <attribute name="Id" type="ID" use="optional"/> </complexType> Reference Element Reference is an element that may occur one or more times. It specifies a digest algorithm and digest value, and optionally an identifier of the object being signed, the type of the object, and/or a list of transforms to be applied prior to digesting. The identification (URI) and transforms describe how the digested content (i.e., the input to the digest method) was created. The Type attribute facilitates the processing of referenced data. For example, while this specification makes no requirements over external data, an application may wish to signal that the referent is a Manifest. An optional ID attribute permits a Reference to be referenced from elsewhere [6]. <element name="Reference" type="ds:ReferenceType"/> <complexType name="ReferenceType"> <sequence> <element ref="ds:Transforms" minOccurs="0"/> <element ref="ds:DigestMethod"/> <element ref="ds:DigestValue"/> </sequence> <attribute name="Id" type="ID" use="optional"/> <attribute name="URI" type="anyURI" use="optional"/> <attribute name="Type" type="anyURI" use="optional"/> </complexType> 9
Transforms Element The optional Transforms element contains an ordered list of Transform elements; these describe how the signer obtained the data object that was digested. The output of each Transform serves as input to the next Transform. Examples of transforms include but are not limited to base64 decoding [MIME], canonicalization [XML-C14N], XPath filtering [XPath], and XSLT [XSLT] [6]. <element name="Transforms" type="ds:TransformsType"/> <complexType name="TransformsType"> <sequence> <element ref="ds:Transform" maxOccurs="unbounded"/> </sequence> </complexType> <element name="Transform" type="ds:TransformType"/> <complexType name="TransformType" mixed="true"> <choice minOccurs="0" maxOccurs="unbounded"> <any namespace="##other" processContents="lax"/> <!-- (1,1) elements from (0,unbounded) namespaces --> <element name="XPath" type="string"/> </choice> <attribute name="Algorithm" type="anyURI" use="required"/> </complexType> Manifest Element The Manifest element provides a list of References. The difference from the list in SignedInfo is that it is application defined which, if any, of the digests are actually checked against the objects referenced and what to do if the object is inaccessible or the digest compare fails [6]. <element name="Manifest" type="ds:ManifestType"/> <complexType name="ManifestType"> <sequence> <element ref="ds:Reference" maxOccurs="unbounded"/> </sequence> <attribute name="Id" type="ID" use="optional"/> </complexType> 10
3.5 References [1]. A. Gupta., Y.A. Tung, J.R. Marsten, “Digital signature:use and modification to achieve success in nextgenerational e-business processes”, Sicience Direct, p.571, June 2003. [Online]. Avaliable:http://www.sciencedirect.com. [Accessed October 17, 2007]. [2].Sunil Chopra,Peter Meindil , “Chapter1, Understanding the supply chain ”, in Supply Chain Management 3rd edition, pp.3-18. [3]. “Information technology . Security techniques”, ISO/IEC, p.7, February 2005. [4].The World Wide Web Consortium, “XML Avaliable:http://www.w3.org/Signature [Accessed October 25, 2007]. Signature”, [Online]. [5].Microsoft Developer Network, “ Understanding XML Digital Signature”[Online]. Avaliable:http://msdn2.microsoft. com/en-us/library/ms996502.aspx [Accessed November 2007]. [6]. The World Wide Web Consortium , “XML Signature Syntax and Processing”, [Online]. Avaliable: http://www.w3.org/TR/xmldsig-core/#sec [Accessed December 20, 2007]. 11

Empfohlen

Cloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudCloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudIOSR Journals
 
White Paper: Saml as an SSO Standard for Customer Identity Management
White Paper: Saml as an SSO Standard for Customer Identity ManagementWhite Paper: Saml as an SSO Standard for Customer Identity Management
White Paper: Saml as an SSO Standard for Customer Identity ManagementGigya
 
INTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULES
INTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULESINTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULES
INTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULESijdms
 
Company Metadata and Master Data Management Unit 9 Assigment 1 Jessica Graf
Company Metadata and Master Data Management Unit 9 Assigment 1 Jessica GrafCompany Metadata and Master Data Management Unit 9 Assigment 1 Jessica Graf
Company Metadata and Master Data Management Unit 9 Assigment 1 Jessica GrafJessica Graf
 
Managing Data Strategically
Managing Data StrategicallyManaging Data Strategically
Managing Data StrategicallyMichael Findling
 
Management Information System Types
Management Information System TypesManagement Information System Types
Management Information System TypesJunaid Ashraf
 
Chap07 Electronic Business Systems
Chap07 Electronic Business SystemsChap07 Electronic Business Systems
Chap07 Electronic Business SystemsAqib Syed
 
Chap01 edit
Chap01 editChap01 edit
Chap01 editrpvgb
 

Empfohlen

Cloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudCloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudIOSR Journals
 
White Paper: Saml as an SSO Standard for Customer Identity Management
White Paper: Saml as an SSO Standard for Customer Identity ManagementWhite Paper: Saml as an SSO Standard for Customer Identity Management
White Paper: Saml as an SSO Standard for Customer Identity ManagementGigya
 
INTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULES
INTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULESINTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULES
INTEGRATED FRAMEWORK TO MODEL DATA WITH BUSINESS PROCESS AND BUSINESS RULESijdms
 
Company Metadata and Master Data Management Unit 9 Assigment 1 Jessica Graf
Company Metadata and Master Data Management Unit 9 Assigment 1 Jessica GrafCompany Metadata and Master Data Management Unit 9 Assigment 1 Jessica Graf
Company Metadata and Master Data Management Unit 9 Assigment 1 Jessica GrafJessica Graf
 
Managing Data Strategically
Managing Data StrategicallyManaging Data Strategically
Managing Data StrategicallyMichael Findling
 
Management Information System Types
Management Information System TypesManagement Information System Types
Management Information System TypesJunaid Ashraf
 
Chap07 Electronic Business Systems
Chap07 Electronic Business SystemsChap07 Electronic Business Systems
Chap07 Electronic Business SystemsAqib Syed
 
Chap01 edit
Chap01 editChap01 edit
Chap01 editrpvgb
 
Cibm ch 02
Cibm ch 02Cibm ch 02
Cibm ch 02Shaheen Khan
 
Information Systems
Information SystemsInformation Systems
Information SystemsCarlos J. Costa
 
Business horizonsweston
Business horizonswestonBusiness horizonsweston
Business horizonswestonIkram KASSOU
 
Chap01 Foundations of Information Systems in Business
Chap01 Foundations of Information Systems in BusinessChap01 Foundations of Information Systems in Business
Chap01 Foundations of Information Systems in BusinessAqib Syed
 
james o'brien chapter 7 electronic business system
james o'brien chapter 7 electronic business system james o'brien chapter 7 electronic business system
james o'brien chapter 7 electronic business system mousumsts
 
Dit yvol3iss8
Dit yvol3iss8Dit yvol3iss8
Dit yvol3iss8Rick Lemieux
 
Chapter 1
Chapter 1Chapter 1
Chapter 1faizanfive
 
Dit yvol3iss19
Dit yvol3iss19Dit yvol3iss19
Dit yvol3iss19Rick Lemieux
 
Chap09 Electronic Commerce Systems
Chap09 Electronic Commerce SystemsChap09 Electronic Commerce Systems
Chap09 Electronic Commerce SystemsAqib Syed
 
Dit yvol4iss11
Dit yvol4iss11Dit yvol4iss11
Dit yvol4iss11Rick Lemieux
 
Customer IAM vs Employee IAM (Legacy IAM)
Customer IAM vs Employee IAM (Legacy IAM)Customer IAM vs Employee IAM (Legacy IAM)
Customer IAM vs Employee IAM (Legacy IAM)Ubisecure
 
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEIJNSA Journal
 
MIS 373 Lecture Notes Jan27
MIS 373 Lecture Notes Jan27MIS 373 Lecture Notes Jan27
MIS 373 Lecture Notes Jan27Spredfast
 
Streamlining the Business Process
Streamlining the Business ProcessStreamlining the Business Process
Streamlining the Business Processjingrato
 
Chap08 Enterprise Business Systems
Chap08 Enterprise Business SystemsChap08 Enterprise Business Systems
Chap08 Enterprise Business SystemsAqib Syed
 
Electronic Commerce
Electronic CommerceElectronic Commerce
Electronic Commerceellamee27
 
Information System Management - Architecture and Infrastructure
Information System Management - Architecture and InfrastructureInformation System Management - Architecture and Infrastructure
Information System Management - Architecture and InfrastructureLaguna State Polytechnic University
 
Management Information System one or two chapter By Amjad Ali Depar MBA Student
Management Information System one or two chapter By Amjad Ali Depar MBA StudentManagement Information System one or two chapter By Amjad Ali Depar MBA Student
Management Information System one or two chapter By Amjad Ali Depar MBA StudentAG RD
 
Chap 17 managing information systems and communication technology
Chap 17 managing information systems and communication technologyChap 17 managing information systems and communication technology
Chap 17 managing information systems and communication technologyMemoona Qadeer
 
Is202 ch 03
Is202 ch 03Is202 ch 03
Is202 ch 03Shaheen Khan
 
Programación primavera Gran Teatro Elche
Programación primavera Gran Teatro ElcheProgramación primavera Gran Teatro Elche
Programación primavera Gran Teatro ElcheSalvador Campello
 
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...Hüseyin Çakır
 

Weitere ähnliche Inhalte

Was ist angesagt?

Business horizonsweston
Business horizonswestonBusiness horizonsweston
Business horizonswestonIkram KASSOU
 
Chap01 Foundations of Information Systems in Business
Chap01 Foundations of Information Systems in BusinessChap01 Foundations of Information Systems in Business
Chap01 Foundations of Information Systems in BusinessAqib Syed
 
james o'brien chapter 7 electronic business system
james o'brien chapter 7 electronic business system james o'brien chapter 7 electronic business system
james o'brien chapter 7 electronic business system mousumsts
 
Chap09 Electronic Commerce Systems
Chap09 Electronic Commerce SystemsChap09 Electronic Commerce Systems
Chap09 Electronic Commerce SystemsAqib Syed
 
Customer IAM vs Employee IAM (Legacy IAM)
Customer IAM vs Employee IAM (Legacy IAM)Customer IAM vs Employee IAM (Legacy IAM)
Customer IAM vs Employee IAM (Legacy IAM)Ubisecure
 
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEIJNSA Journal
 
MIS 373 Lecture Notes Jan27
MIS 373 Lecture Notes Jan27MIS 373 Lecture Notes Jan27
MIS 373 Lecture Notes Jan27Spredfast
 
Streamlining the Business Process
Streamlining the Business ProcessStreamlining the Business Process
Streamlining the Business Processjingrato
 
Chap08 Enterprise Business Systems
Chap08 Enterprise Business SystemsChap08 Enterprise Business Systems
Chap08 Enterprise Business SystemsAqib Syed
 
Electronic Commerce
Electronic CommerceElectronic Commerce
Electronic Commerceellamee27
 
Management Information System one or two chapter By Amjad Ali Depar MBA Student
Management Information System one or two chapter By Amjad Ali Depar MBA StudentManagement Information System one or two chapter By Amjad Ali Depar MBA Student
Management Information System one or two chapter By Amjad Ali Depar MBA StudentAG RD
 
Chap 17 managing information systems and communication technology
Chap 17 managing information systems and communication technologyChap 17 managing information systems and communication technology
Chap 17 managing information systems and communication technologyMemoona Qadeer
 

Was ist angesagt? (20)

Cibm ch 02
Cibm ch 02Cibm ch 02
Cibm ch 02
 
Information Systems
Information SystemsInformation Systems
Information Systems
 
Business horizonsweston
Business horizonswestonBusiness horizonsweston
Business horizonsweston
 
Chap01 Foundations of Information Systems in Business
Chap01 Foundations of Information Systems in BusinessChap01 Foundations of Information Systems in Business
Chap01 Foundations of Information Systems in Business
 
james o'brien chapter 7 electronic business system
james o'brien chapter 7 electronic business system james o'brien chapter 7 electronic business system
james o'brien chapter 7 electronic business system
 
Dit yvol3iss8
Dit yvol3iss8Dit yvol3iss8
Dit yvol3iss8
 
Chapter 1
Chapter 1Chapter 1
Chapter 1
 
Dit yvol3iss19
Dit yvol3iss19Dit yvol3iss19
Dit yvol3iss19
 
Chap09 Electronic Commerce Systems
Chap09 Electronic Commerce SystemsChap09 Electronic Commerce Systems
Chap09 Electronic Commerce Systems
 
Dit yvol4iss11
Dit yvol4iss11Dit yvol4iss11
Dit yvol4iss11
 
Customer IAM vs Employee IAM (Legacy IAM)
Customer IAM vs Employee IAM (Legacy IAM)Customer IAM vs Employee IAM (Legacy IAM)
Customer IAM vs Employee IAM (Legacy IAM)
 
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATEENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
ENHANCING INFRASTRUCTURE SECURITY IN REAL ESTATE
 
MIS 373 Lecture Notes Jan27
MIS 373 Lecture Notes Jan27MIS 373 Lecture Notes Jan27
MIS 373 Lecture Notes Jan27
 
Streamlining the Business Process
Streamlining the Business ProcessStreamlining the Business Process
Streamlining the Business Process
 
Chap08 Enterprise Business Systems
Chap08 Enterprise Business SystemsChap08 Enterprise Business Systems
Chap08 Enterprise Business Systems
 
Electronic Commerce
Electronic CommerceElectronic Commerce
Electronic Commerce
 
Information System Management - Architecture and Infrastructure
Information System Management - Architecture and InfrastructureInformation System Management - Architecture and Infrastructure
Information System Management - Architecture and Infrastructure
 
Management Information System one or two chapter By Amjad Ali Depar MBA Student
Management Information System one or two chapter By Amjad Ali Depar MBA StudentManagement Information System one or two chapter By Amjad Ali Depar MBA Student
Management Information System one or two chapter By Amjad Ali Depar MBA Student
 
Chap 17 managing information systems and communication technology
Chap 17 managing information systems and communication technologyChap 17 managing information systems and communication technology
Chap 17 managing information systems and communication technology
 
Is202 ch 03
Is202 ch 03Is202 ch 03
Is202 ch 03
 

Andere mochten auch

Programación primavera Gran Teatro Elche
Programación primavera Gran Teatro ElcheProgramación primavera Gran Teatro Elche
Programación primavera Gran Teatro ElcheSalvador Campello
 
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...Hüseyin Çakır
 
Thesis Defense Exam Presentation
Thesis Defense Exam PresentationThesis Defense Exam Presentation
Thesis Defense Exam PresentationHüseyin Çakır
 
Logical Deductions - Syllogisms
Logical Deductions - SyllogismsLogical Deductions - Syllogisms
Logical Deductions - Syllogismsnickyswetha
 
CATEGORICAL SYLLOGISM
CATEGORICAL SYLLOGISMCATEGORICAL SYLLOGISM
CATEGORICAL SYLLOGISMashelle14
 

Andere mochten auch (8)

Programación primavera Gran Teatro Elche
Programación primavera Gran Teatro ElcheProgramación primavera Gran Teatro Elche
Programación primavera Gran Teatro Elche
 
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
DEVELOPMENT OF FUZZY SYLLOGISTIC ALGORITHMS AND APPLICATIONS DISTRIBUTED REAS...
 
Thesis Defense Exam Presentation
Thesis Defense Exam PresentationThesis Defense Exam Presentation
Thesis Defense Exam Presentation
 
Logical Deductions - Syllogisms
Logical Deductions - SyllogismsLogical Deductions - Syllogisms
Logical Deductions - Syllogisms
 
5.3 Rules And Fallacies
5.3 Rules And Fallacies5.3 Rules And Fallacies
5.3 Rules And Fallacies
 
Inferencia LóGica
Inferencia LóGicaInferencia LóGica
Inferencia LóGica
 
CATEGORICAL SYLLOGISM
CATEGORICAL SYLLOGISMCATEGORICAL SYLLOGISM
CATEGORICAL SYLLOGISM
 
Appendix
AppendixAppendix
Appendix
 

Ähnlich wie XML Digital Signature Concepts

Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...
Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...
Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...IOSR Journals
 
Case study of rules as relational data
Case study of rules as relational dataCase study of rules as relational data
Case study of rules as relational dataJeff Long
 
Case study of rules as relational data
Case study of rules as relational dataCase study of rules as relational data
Case study of rules as relational dataJeff Long
 
1. Business logic.pptx
1. Business logic.pptx1. Business logic.pptx
1. Business logic.pptxcalf_ville86
 
The Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving ComplianceThe Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving CompliancePortalGuard
 
Agent-Based Workflow
Agent-Based WorkflowAgent-Based Workflow
Agent-Based WorkflowLarry Suarez
 
Why Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdfWhy Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdfData Science Council of America
 
Why Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdfWhy Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdfData Science Council of America
 
Industrializing investment banking_wp_2
Industrializing investment banking_wp_2Industrializing investment banking_wp_2
Industrializing investment banking_wp_2EMC
 
How an eSignature Workflow Streamlines Document Management | DrySign
How an eSignature Workflow Streamlines Document Management | DrySign How an eSignature Workflow Streamlines Document Management | DrySign
How an eSignature Workflow Streamlines Document Management | DrySign Drysign By Exela
 
Actionable Architecture
Actionable ArchitectureActionable Architecture
Actionable Architectureguestd3d2f49
 
Securing Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation NotesSecuring Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation Notesedwinlorenzana
 
data collection, data integration, data management, data modeling.pptx
data collection, data integration, data management, data modeling.pptxdata collection, data integration, data management, data modeling.pptx
data collection, data integration, data management, data modeling.pptxSourabhkumar729579
 
Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)Gord Reynolds
 
Digital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxDigital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxChristopher Wynder
 
Cloud computing gartner report
Cloud computing gartner reportCloud computing gartner report
Cloud computing gartner reportSumeet Mayor
 

Ähnlich wie XML Digital Signature Concepts (20)

Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...
Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...
Corporate Policy Governance in Secure MD5 Data Changes and Multi Hand Adminis...
 
D017141823
D017141823D017141823
D017141823
 
Case study of rules as relational data
Case study of rules as relational dataCase study of rules as relational data
Case study of rules as relational data
 
Case study of rules as relational data
Case study of rules as relational dataCase study of rules as relational data
Case study of rules as relational data
 
1. Business logic.pptx
1. Business logic.pptx1. Business logic.pptx
1. Business logic.pptx
 
The Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving ComplianceThe Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving Compliance
 
bpm3.1-era-fast-data-04
bpm3.1-era-fast-data-04bpm3.1-era-fast-data-04
bpm3.1-era-fast-data-04
 
Agent-Based Workflow
Agent-Based WorkflowAgent-Based Workflow
Agent-Based Workflow
 
Systems analysis and design lecture 1
Systems analysis and design lecture 1Systems analysis and design lecture 1
Systems analysis and design lecture 1
 
Why Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdfWhy Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdf
 
Why Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdfWhy Big Data Automation is Important for Your Business.pdf
Why Big Data Automation is Important for Your Business.pdf
 
ecm oracle
ecm oracleecm oracle
ecm oracle
 
Industrializing investment banking_wp_2
Industrializing investment banking_wp_2Industrializing investment banking_wp_2
Industrializing investment banking_wp_2
 
How an eSignature Workflow Streamlines Document Management | DrySign
How an eSignature Workflow Streamlines Document Management | DrySign How an eSignature Workflow Streamlines Document Management | DrySign
How an eSignature Workflow Streamlines Document Management | DrySign
 
Actionable Architecture
Actionable ArchitectureActionable Architecture
Actionable Architecture
 
Securing Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation NotesSecuring Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation Notes
 
data collection, data integration, data management, data modeling.pptx
data collection, data integration, data management, data modeling.pptxdata collection, data integration, data management, data modeling.pptx
data collection, data integration, data management, data modeling.pptx
 
Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)
 
Digital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxDigital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdox
 
Cloud computing gartner report
Cloud computing gartner reportCloud computing gartner report
Cloud computing gartner report
 

Mehr von Hüseyin Çakır

Step4 managementsendsorderw
Step4 managementsendsorderwStep4 managementsendsorderw
Step4 managementsendsorderwHüseyin Çakır
 
Step3sales deptsendsmanagement
Step3sales deptsendsmanagementStep3sales deptsendsmanagement
Step3sales deptsendsmanagementHüseyin Çakır
 
Step2sales deptsendswarehouse
Step2sales deptsendswarehouseStep2sales deptsendswarehouse
Step2sales deptsendswarehouseHüseyin Çakır
 

Mehr von Hüseyin Çakır (10)

Conclusion
ConclusionConclusion
Conclusion
 
Step4 managementsendsorderw
Step4 managementsendsorderwStep4 managementsendsorderw
Step4 managementsendsorderw
 
Step3sales deptsendsmanagement
Step3sales deptsendsmanagementStep3sales deptsendsmanagement
Step3sales deptsendsmanagement
 
Step2sales deptsendswarehouse
Step2sales deptsendswarehouseStep2sales deptsendswarehouse
Step2sales deptsendswarehouse
 
Step1customer sendsorder
Step1customer sendsorderStep1customer sendsorder
Step1customer sendsorder
 
Scenario
ScenarioScenario
Scenario
 
Project plan
Project planProject plan
Project plan
 
Introduction
IntroductionIntroduction
Introduction
 
Table ofcontents
Table ofcontentsTable ofcontents
Table ofcontents
 
Cover
CoverCover
Cover
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

XML Digital Signature Concepts

  • 1. SENIOR PROJECT 2007-2008 (Basic concepts of the ekoSign project) 3. Basic Concepts XML Digital Signature: Use and Adaptation to Achieve Success in E-business Processes Project team members Hüseyin Çakır, Mehmet Mesut Özışık, Yılmaz Kaya Abstract:This paper presents basic concepts that are needed during project implementation. At first part of the document the description of supply chain and it's elements are explained with motivation to the business challenges, company policies in an organization and some terminologies about XML Signature including digital signatures. Keywords:Digital signature, e-business, supply chain, XML signature. http://groups.google.com/group/digitalsignature digitalsignature@googlegroups.com PRINT DATE: 12/25/07 1
  • 2. During 80s business start to be conducted over internet especially after emergence of high speed communication networks as a result of this a lot of companies try to carry their internal and external operations using digital rather than traditional manual documentation. Constructing new procedures in data exchange become highly needed to fulfill e-commerce mechanisms. At this point XML become the most important source to be used in digital signature processes. XML Signature helps business actions to be authenticated and made accessible in business processes. There are also some shortcomings of the current XML signature procedures, first of all current technology is capable of providing signing capabilities for final document however in business logic there is a significant need to construct partial document ownership. Signature binding to the whole document is not a feasible solution in e-business, in fact participants in business need to make individual modifications on the document. According to Gupta, partial document ownership involves assigning ownership of the content to an individual when that individual changes part of a document. Clearly, partial document ownership requires that a document be recognized as a collection of objects [1]. 3.1 Business Challenge To understand business challenges, initially we had to understand supply chain concept in business. Supply chain consists of all stages involved directly or indirectly in fulfilling customer requests. As emphasis is on the customer, companies are reassessing their supply-chain processes. For companies to succeed, today's supply chains must be quick enough to respond to customer demands. In supply chain there are five main stages suppliers, manufacturers, distributors, retailers and customers. Also there are three types of flows product, information and fund. Information flow is the main issue to focus in digital signature processing. Information deeply affects every part of the supply chain. Its impact is easy to underestimate, as information affects a supply chain in many different ways. Consider the following; 1.Information serves as the connection between various stages of a supply chain, allowing them to coordinate and maximize total supply chain profitability. 2.Information is also crucial to the daily operations of each stage in supply chain [2]. In business, flows can be classified in two categories as internal flow and external flow. Figure 3.1 is the main motivation of our project which underlies the tree main information flow: • • Information flows inside the company between departments which is called internal flow. Information flows coming from outside of the company which are called external flow and information flows inside the departments themselves. 2
  • 3. Figure 3.1 Internal & external information flows. Our concern is to make information flows more efficient in a business structure by using XML in work flow applications. In work flows documents are moving around a community of people who perform particular tasks in business. XML is the best source to use in these application as XML has a structure like paper documents people are already using. To analyze work flows more concretely ; we have to think more technically, in traditional way of handling of information flow, data is kept in a database and when needed ad-hoc queries are used to get them, but this approach does not support the work flow. Typically in a document-based work flow, a document goes through a number of iterations as different people add to its content so XML structure is more effective to manage data on a work flow. 3.2 Company Policy Policies are high-level documents that represent corporate philosophy of an organization. In addition to the corporate policies, an organization should also define lower level of policies for departments and individual divisions. These lower level policies should have aligned philosophies with corporate level policies. Information system management policy is also one of the lower level policies that reflect the implementation of policies and procedures developed for various information system related management activities. Information system management policies will often set the stage in terms of what tools and procedures are needed for the organization in other words they are the frameworks for defining how a particular work should be performed. The project team should set a clear policy direction in line with business objectives and demonstrate support for, and commitment to, information security through the issue and maintenance of an information security policy across the organization [3]. Company policy will be constructed according to these three flows; Internal organization flows, external organization flows and flows inside company's departments. The XML documents' structure will be used to create policy levels. For instance, a company maintains it's order records in XML. Each record consist of the order name, order priority, order time and digital signature. • Nodes inside Sales Department of the company (information flow inside department) is allowed to see the entire order record, and modify order records so will have a most authorized digital signature. 3
  • 4. • • Internal nodes (other department e.g. Warehouse) are allowed to see the order name,order priority and order time, and only modify order time. External nodes are only allowed to see the order name, order priority and order time. Cannot modify any part of the record. So all these nodes must have different levels of authorization according to their positions at company policy. Moreover, every nodes has different level of authorization. For instance, Sales Managers' authorization level is different than Sales Representatives'. While Sales Managers are allowed to sign documents that has high order costs Sales Representatives cannot sign these type of documents as a result of company policies defined by the organization. 3.3 Process Flow for Document Signing Figure 3.2 presents the conceptual diagram of a prototype document signing system. The system involves an integration of digital signature technology with organizational sign-on initiatives and a document management system. Figure 3.2 The process flow for document signing. The process flow for document signing as follows; Retrieve certificate: Before starting to sign documents with a digital signature, users need to download a personal certificate from a certificate server to their PC. This can be done by submitting on-line authentication to the certificate server or by using plug-in certificate tools (e.g. RSA's web passport.). Certificate can be stored in user's PC for future use or deleted after signing. Obtain the document: Users can download document from any file server in use. When user is checking out a document, other users can be prevented from obtaining that document with write access. However, many file servers write file information to the documents, which in turn, invalidates digital signatures. Signing the document: User can use digital signature plug-in tools that are compatible with document creation software to sign or validate signatures on document. Submit the signed document: After signing a document, users can check document back into file server, which then lets other authorized users have complete access to it. Locking down the document: When all individuals of the contract process have signed in the document, the document can be locked down and moved to an access-controlled directory in the file server [1]. 4
  • 5. 3.4 Extensible Markup Language (XML) XML is a simple, very flexible text format derived from SGML (ISO 8879). Originally designed to meet the challenges of large-scale electronic publishing, XML is also playing an increasingly important role in the exchange of a wide variety of data on the Web and elsewhere. The XML standard has been developed and quickly a large number of software vendors have adopted the standard. XML will be the most common tool for all data manipulation and data transmission. The features that make XML so powerful for business transactions (e.g. , semantically rich and structured data, text-based, and Web-ready nature) provide both challenges and opportunities for the application of encryption and digital signature operations to XML-encoded data. For example, in many work flow scenarios where an XML document flows stepwise between participants, and where a digital signature implies some sort of commitment or assertion, each participant may wish to sign only that portion for which they are responsible and assume a concomitant level of liability. Older standards for digital signatures provide neither syntax for capturing this sort of highgranularity signature nor mechanisms for expressing which portion a principal wishes to sign. As XML becomes a vital component of the emerging electronic business infrastructure, we need reliable, secure XML messages to form the basis of business transactions. One key to enabling secure transactions is the concept of a digital signature, ensuring the integrity and authenticity of origin for business documents. XML Signature is an evolving standard for digital signatures that both addresses the special issues and requirements that XML presents for signing operations and uses XML syntax for capturing the result, simplifying its integration into XML applications [4]. 3.4.1 Layout of an XML Document XML divides documents into two main parts which are; • • Plain part of document. (Users insert their messages which they need to send.) XML Signature part. (Signatures that constructs signature process according to polcies.) A basic example to use of XML for a company can be seen below. The whole document is covered as a root element "progressReport". In the root element there are two departments "Sales Department" and "Warehouse" that are communicating with each other through the "plainPartOfDocument". Security issues can be controlled by "digitalSignature" element. Both two departments have different signatures related to their part of the document's content (Figure 3.2) . Figure 3.3 General layout of XML. 5
  • 6. <progressReport> <salesDepartment> Plain part of document for Sales Department at our example <plainPartOfDocument> X-product stock out!, new shipment needed. </plainPartOfDocument> Sample Digital Signature <digitalSignature> X6fshSf45ZS63a56ta35 </digitalSignature> </salesDepartment> <warehouse> Plain part of document for Warehouse at our example <plainPartOfDocument> Distribution of X- product is waiting to be approved. </plainPartOfDocument> Sample Digital Signature <digitalSignature> sf789HaODh67s8h7shs7 </digitalSignature> </warehouse> </progressReport> Figure 3.4 Detailed document layout. One of the most important benefits of XML is its extensibility. This feature can be used in our example by adding another department "management" into the "progressReport". XML is also platform-independent so that documents can be used on various systems. <management> <plainPartOfDocument> MESSAGE </plainPartOfDocument> <digitalSignature> adgX8d6g686g6A6dgsKCkvm </digitalSignature> </management> 6
  • 7. 3.4.2 XML Digital Signature Concept Digital signatures are important because they provide end-to-end message integrity guarantees, and can also provide authentication information about the originator of a message. In order to be most effective, the signature must be part of the application data, so that it is generated at the time the message is created, and it can be verified at the time the message is ultimately consumed and processed. An XML signature would define a series of XML elements that could be embedded in, or otherwise affiliated with, any XML document. It would allow the receiver to verify that the message has not been modified from what the sender intended. The XML-Signature Syntax and Processing specification (abbreviated in this article as XML DSIG) was a joint effort of the W3C and the IETF. It's been an official W3C Recommendation since February 2002 [5]. A top-level of XML Signature document is fairly simple. It has information about what is being signed, the signature, the keys used to create the signature, and a place to store arbitrary information: <element name="Signature" type="ds:SignatureType"/> <complexType name="SignatureType"> <sequence> <element ref="ds:SignedInfo"/> <element ref="ds:SignatureValue"/> <element ref="ds:KeyInfo" minOccurs="0"/> <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> </sequence> <attribute name="Id" type="ID" use="optional"/> </complexType> There are eight main concepts that is used in the XML layout : • • • • • • • • Id ds:SignatureValue ds:Object ds:SignedInfo ds:KeyInfo Reference Element Transforms Element Manifest Element Id The global Id attribute allows a document to contain multiple signatures, and provides a way to identify particular instances. Multiple signatures are common in business policies, such as when both the manager and the Travel Office must approve a trip application. 7
  • 8. ds:Signature Value Element This element contains the actual signature. As signatures are always binary data, XML DSIG specifies that the signature value is always a simple element with Base64-encoded content: <element name="SignatureValue" type="ds:SignatureValueType"/> <complexType name="SignatureValueType"> <simpleContent> <extension base="base64Binary"> <attribute name="Id" type="ID" use="optional"/> </extension> </simpleContent> </complexType> ds:Object Element An XML DSIG can cover multiple items. An item will often be able to stand on its own, such as a Web page or XML business document, but sometimes an item is best treated as metadata for the "true" content being signed. For example, the data might be a "property" of the signature, such as a time stamp for when the signature was generated. The ds:Object element can be used to hold such data within the Signature: <element name="Object" type="ds:ObjectType"/> <complexType name="ObjectType" mixed="true"> <sequence minOccurs="0" maxOccurs="unbounded"> <any namespace="##any" processContents="lax"/> </sequence> <attribute name="Id" type="ID" use="optional"/> <attribute name="MimeType" type="string" use="optional"/> <attribute name="Encoding" type="anyURI" use="optional"/> </complexType> ds:SignedInfo Element The content of ds:SignedInfo can be divided into two parts, information about the SignatureValue, and information about the application content, as we can see from the following XML Schema fragment: <element name="SignedInfo" type="ds:SignedInfoType"/> <complexType name="SignedInfoType"> <sequence> <element ref="ds:CanonicalizationMethod"/> <element ref="ds:SignatureMethod"/> <element ref="ds:Reference" maxOccurs="unbounded"/> </sequence> <attribute name="Id" type="ID" use="optional"/> </complexType> 8
  • 9. ds:KeyInfo Element Recall that content is protected by using indirection: the ds:SignatureValue covers the ds:SignedInfo, which contains ds:References that contain the digest values of the application data. Change any of those things, and the chain of math computations is broken, and the signature won't verify. The only thing left to do is to identify the signer, or at least the key that generated the signature (or, more cryptographically, the key that protects the digest from being modified). This is the job of the ds:KeyInfo element: <element name="KeyInfo" type="ds:KeyInfoType"/> <complexType name="KeyInfoType" mixed="true"> <choice maxOccurs="unbounded"> <element ref="ds:KeyName"/> <element ref="ds:KeyValue"/> <element ref="ds:RetrievalMethod"/> <element ref="ds:X509Data"/> <element ref="ds:PGPData"/> <element ref="ds:SPKIData"/> <element ref="ds:MgmtData"/> <any processContents="lax" namespace="##other"/> <!-- (1,1) elements from (0,unbounded) namespaces --> </choice> <attribute name="Id" type="ID" use="optional"/> </complexType> Reference Element Reference is an element that may occur one or more times. It specifies a digest algorithm and digest value, and optionally an identifier of the object being signed, the type of the object, and/or a list of transforms to be applied prior to digesting. The identification (URI) and transforms describe how the digested content (i.e., the input to the digest method) was created. The Type attribute facilitates the processing of referenced data. For example, while this specification makes no requirements over external data, an application may wish to signal that the referent is a Manifest. An optional ID attribute permits a Reference to be referenced from elsewhere [6]. <element name="Reference" type="ds:ReferenceType"/> <complexType name="ReferenceType"> <sequence> <element ref="ds:Transforms" minOccurs="0"/> <element ref="ds:DigestMethod"/> <element ref="ds:DigestValue"/> </sequence> <attribute name="Id" type="ID" use="optional"/> <attribute name="URI" type="anyURI" use="optional"/> <attribute name="Type" type="anyURI" use="optional"/> </complexType> 9
  • 10. Transforms Element The optional Transforms element contains an ordered list of Transform elements; these describe how the signer obtained the data object that was digested. The output of each Transform serves as input to the next Transform. Examples of transforms include but are not limited to base64 decoding [MIME], canonicalization [XML-C14N], XPath filtering [XPath], and XSLT [XSLT] [6]. <element name="Transforms" type="ds:TransformsType"/> <complexType name="TransformsType"> <sequence> <element ref="ds:Transform" maxOccurs="unbounded"/> </sequence> </complexType> <element name="Transform" type="ds:TransformType"/> <complexType name="TransformType" mixed="true"> <choice minOccurs="0" maxOccurs="unbounded"> <any namespace="##other" processContents="lax"/> <!-- (1,1) elements from (0,unbounded) namespaces --> <element name="XPath" type="string"/> </choice> <attribute name="Algorithm" type="anyURI" use="required"/> </complexType> Manifest Element The Manifest element provides a list of References. The difference from the list in SignedInfo is that it is application defined which, if any, of the digests are actually checked against the objects referenced and what to do if the object is inaccessible or the digest compare fails [6]. <element name="Manifest" type="ds:ManifestType"/> <complexType name="ManifestType"> <sequence> <element ref="ds:Reference" maxOccurs="unbounded"/> </sequence> <attribute name="Id" type="ID" use="optional"/> </complexType> 10
  • 11. 3.5 References [1]. A. Gupta., Y.A. Tung, J.R. Marsten, “Digital signature:use and modification to achieve success in nextgenerational e-business processes”, Sicience Direct, p.571, June 2003. [Online]. Avaliable:http://www.sciencedirect.com. [Accessed October 17, 2007]. [2].Sunil Chopra,Peter Meindil , “Chapter1, Understanding the supply chain ”, in Supply Chain Management 3rd edition, pp.3-18. [3]. “Information technology . Security techniques”, ISO/IEC, p.7, February 2005. [4].The World Wide Web Consortium, “XML Avaliable:http://www.w3.org/Signature [Accessed October 25, 2007]. Signature”, [Online]. [5].Microsoft Developer Network, “ Understanding XML Digital Signature”[Online]. Avaliable:http://msdn2.microsoft. com/en-us/library/ms996502.aspx [Accessed November 2007]. [6]. The World Wide Web Consortium , “XML Signature Syntax and Processing”, [Online]. Avaliable: http://www.w3.org/TR/xmldsig-core/#sec [Accessed December 20, 2007]. 11