An advanced certificate validation service and architecture based on XKMS

Author: Daniel Sánchez-Martínez, Antonio F. Gómez-Skarmeta, Antonio Ruiz-Martínez, Manuel Gil-Pérez, C. Inmaculada Marín-López
Year of publication: 2010
Subject:
Source: Software: Practice and Experience. 41:209-236
ISSN: 0038-0644
DOI: 10.1002/spe.996
Description: The appearance of some laws that make the electronic signature (e-signature) legally equivalent to the handwritten signature (under some circumstances) has favoured its use in different fields, such as e-commerce and e-government. In these fields, the e-signatures associated to some documents have to remain valid over long periods of time. For these kinds of e-signatures, Advanced Electronic Signature (AdES) forms have appeared. These forms specify the information to include along with the e-signature so that it remains valid for a long time after its creation. Basically, this information comprises signers' certificates, a set of certificates up to a trust anchor, certificate validation responses, etc. These data can be gathered by using different Public Key Infrastructure-compliant protocols. However, the support of different protocols is complex for clients. XML Key Management Specification (XKMS) appeared with the aim of simplifying the certificate management, but it only supports a simple validation mechanism that does not provide the information needed for long-term validation. As a solution to this problem, we have extended XKMS by defining an advanced certificate validation service to support the obtaining of validation data needed for different scenarios, such as the building of AdES forms or validation data registries. This extension also defines the different components needed to support this kind of a service. Furthermore, the defined service has been implemented and incorporated into an e-government infrastructure. Copyright © 2010 John Wiley & Sons, Ltd. (This article is an extended and revised version of ‘ACVS: an Advanced Certificate Validation Service in Service-Oriented Architectures’. Published in Proceedings of the Third International Conference on Internet and Web Applications and Services (ICIW'08). pp. 297–302, Athens (Greece), 2008.)
Database: OpenAIRE