Minimal-Footprint Middleware to Leverage Qualified Electronic Signatures
暂无分享,去创建一个
Qualified electronic signatures are recognized as being equivalent to handwritten signatures and are supported by EU legislation. They require a secure signature creation device (SSCD) such as a smart card. This paper presents a novel approach for the integration of smart cards in web applications without the requirement to install dedicated software on the user’s computer. The signature creation process is split into two parts: One part is performed on the server side and the other part (requiring access to functions of the secure signature creation device) is deployed and executed as a lightweight component in the user’s browser on demand. This significantly facilitates the usage of smart cards for the creation of qualified electronic signatures and therefore counteracts their low market penetration all over Europe. The approach has meanwhile attracted attention in various Member States and proved ideal for the quick integration and deployment of a large number of diverse and rapidly evolving SSCDs.
[1] Thomas Rössler,et al. Giving an interoperable e-ID solution: Using foreign e-IDs in Austrian e-Government , 2008, Comput. Law Secur. Rev..
[2] Heiko Rossnagel,et al. On Diffusion and Confusion - Why Electronic Signatures Have Failed , 2006, TrustBus.
[3] Heiko Roßnagel,et al. Mobile qualifizierte elektronische Signaturen , 2009 .
[4] Reinhard Posch,et al. Security architecture of the Austrian citizen card concept , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..