File Download
  Links for fulltext
     (May Require Subscription)
Supplementary

postgraduate thesis: Electronic signature : towards a seamless integration of legislation and technology

TitleElectronic signature : towards a seamless integration of legislation and technology
Authors
Issue Date2014
PublisherThe University of Hong Kong (Pokfulam, Hong Kong)
Citation
Chan, T. D. [陳德輝]. (2014). Electronic signature : towards a seamless integration of legislation and technology. (Thesis). University of Hong Kong, Pokfulam, Hong Kong SAR. Retrieved from http://dx.doi.org/10.5353/th_b5312336
AbstractFor more than a decade, the separate fields of legislation and cryptography have contributed to the development of electronic signatures from divergent perspectives. Research on legislation establishes the legal requirements for electronic signatures, which have been stipulated in legislative frameworks. Research on cryptography mainly focuses on the development of algorithms to enhance the security and efficiency of the methods adopted to generate electronic signatures, for instance, cryptographic signature schemes. This research draws together the knowledge from both of these fields and takes an integrated approach to assess whether a signature scheme is capable of generating electronic signatures satisfying the legal requirements. This research first identifies and consolidates the legal requirements for electronic signatures in three commonly used legislative frameworks. Based on these requirements, an assessment mechanism called LCD assessment is formalized to evaluate the eligibility of signature schemes in generating legally recognized electronic signatures. Results show that when the LCD assessment is applied to several provably secure signature schemes, one of these schemes does not adequately satisfy the assessment. This significant finding suggests that even a provably secure signature scheme is not necessarily capable of generating legally recognized electronic signatures. Furthermore, electronic signature legislation has been promulgated in many countries. Due to variations in legislation, countries enforce different regulations and divergent standards for electronic signatures. Such enforcement will prevent an electronic signature from being used across the border if the signature cannot simultaneously fulfill multiple regulatory requirements and standards. This issue creates the interoperability problem of public key infrastructure (PKI). Several major countries have attempted to address this problem through adopting different interoperability models. These models are analyzed in this study and the results suggest that the models can only achieve PKI interoperability at a regional level. A new unified PKI framework is proposed with a vision to enhance the PKI interoperability through harmonizing the practices and standards at an international level. Such a framework not only addresses the technical issues for electronic signatures, but also eliminates the legal uncertainties of the use of signature schemes through incorporating the LCD assessment. The outcomes of this research are therefore twofold. First, the LCD assessment provides a mechanism to assess the eligibility of signature schemes from a legal perspective. Second, the new unified PKI framework begins to resolve the issues in cross-border use of electronic signatures through a multi-discipline approach. In addressing the interaction between legislation and technology for electronic signatures, the wider use of electronic signatures in global electronic commerce is envisaged.
DegreeDoctor of Philosophy
SubjectDigital signatures
Dept/ProgramComputer Science
Persistent Identifierhttp://hdl.handle.net/10722/206325

 

DC FieldValueLanguage
dc.contributor.authorChan, Tak-fai, Dan-
dc.contributor.author陳德輝-
dc.date.accessioned2014-10-23T23:14:26Z-
dc.date.available2014-10-23T23:14:26Z-
dc.date.issued2014-
dc.identifier.citationChan, T. D. [陳德輝]. (2014). Electronic signature : towards a seamless integration of legislation and technology. (Thesis). University of Hong Kong, Pokfulam, Hong Kong SAR. Retrieved from http://dx.doi.org/10.5353/th_b5312336-
dc.identifier.urihttp://hdl.handle.net/10722/206325-
dc.description.abstractFor more than a decade, the separate fields of legislation and cryptography have contributed to the development of electronic signatures from divergent perspectives. Research on legislation establishes the legal requirements for electronic signatures, which have been stipulated in legislative frameworks. Research on cryptography mainly focuses on the development of algorithms to enhance the security and efficiency of the methods adopted to generate electronic signatures, for instance, cryptographic signature schemes. This research draws together the knowledge from both of these fields and takes an integrated approach to assess whether a signature scheme is capable of generating electronic signatures satisfying the legal requirements. This research first identifies and consolidates the legal requirements for electronic signatures in three commonly used legislative frameworks. Based on these requirements, an assessment mechanism called LCD assessment is formalized to evaluate the eligibility of signature schemes in generating legally recognized electronic signatures. Results show that when the LCD assessment is applied to several provably secure signature schemes, one of these schemes does not adequately satisfy the assessment. This significant finding suggests that even a provably secure signature scheme is not necessarily capable of generating legally recognized electronic signatures. Furthermore, electronic signature legislation has been promulgated in many countries. Due to variations in legislation, countries enforce different regulations and divergent standards for electronic signatures. Such enforcement will prevent an electronic signature from being used across the border if the signature cannot simultaneously fulfill multiple regulatory requirements and standards. This issue creates the interoperability problem of public key infrastructure (PKI). Several major countries have attempted to address this problem through adopting different interoperability models. These models are analyzed in this study and the results suggest that the models can only achieve PKI interoperability at a regional level. A new unified PKI framework is proposed with a vision to enhance the PKI interoperability through harmonizing the practices and standards at an international level. Such a framework not only addresses the technical issues for electronic signatures, but also eliminates the legal uncertainties of the use of signature schemes through incorporating the LCD assessment. The outcomes of this research are therefore twofold. First, the LCD assessment provides a mechanism to assess the eligibility of signature schemes from a legal perspective. Second, the new unified PKI framework begins to resolve the issues in cross-border use of electronic signatures through a multi-discipline approach. In addressing the interaction between legislation and technology for electronic signatures, the wider use of electronic signatures in global electronic commerce is envisaged.-
dc.languageeng-
dc.publisherThe University of Hong Kong (Pokfulam, Hong Kong)-
dc.relation.ispartofHKU Theses Online (HKUTO)-
dc.rightsCreative Commons: Attribution 3.0 Hong Kong License-
dc.rightsThe author retains all proprietary rights, (such as patent rights) and the right to use in future works.-
dc.subject.lcshDigital signatures-
dc.titleElectronic signature : towards a seamless integration of legislation and technology-
dc.typePG_Thesis-
dc.identifier.hkulb5312336-
dc.description.thesisnameDoctor of Philosophy-
dc.description.thesislevelDoctoral-
dc.description.thesisdisciplineComputer Science-
dc.description.naturepublished_or_final_version-
dc.identifier.doi10.5353/th_b5312336-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats