Marius Marian

Diana Berbecaru, Marius Marian

Initially developed and considered for providing authentication and integrity functions, digital signatures are studied nowadays in relation to electronic documents (edocs) so that they can be considered equivalent to handwritten signatures applied on paper documents. Nevertheless, a standardized format to be used specifically for e-doc representation was not yet specified. Each document management system is free to choose whatever e-doc format is suitable for its requirements (e.g. ASCII, Word, PDF, binary). So far, some solutions for document management systems were found but none of them was designed to consider security an important requirement and to enable digital signing and easy management of e-docs. A possible solution to this problem is our secure document management system named AIDA. This paper focuses on the use of XML and XML Signature for the representation of e-docs in AIDA.

Marius Marian, Diana Berbecaru

Traditionally, publicly available repositories of certificates offer the usual response to the problem of public key distribution. After issuing a public-key certificate a certification authority (CA) - in the frame of a particular public-key infrastructure (PKI) - will store and publish that certificate in a repository so that, at a later moment, end-users can search, find and retrieve public-key certificates. A known and still persisting drawback of this approach is that these repositories are not interconnected between each other on an Internet scale, therefore the search and retrieving of certificates on a wider scale turns out to be very difficult. In this scenario, end-users are supposed to know the Internet location of the repository before actually starting the procedure of search and retrieval. Currently, there are no means to perform automatic discovery of authoritative repositories for a particular certificate using as a search-key some information identifying an Internet entity. In this paper, we try to describe a different approach for solving the key distribution problem. This solution takes into account an already existing Internet-wide infrastructure: the domain name system (DNS).

Diana Berbecaru, Antonio Lioy, Marius Marian et al.

The efficiency and service quality in a medical environment can be improved by using electronic documents (or e-docs) and digital signatures to speed up both doctors' activity and to provide in the same time easy retrieval and use of needed data without loosing convenience. Our proposed solution satisfies these needs by making use of the AIDA system and many cutting-edge techniques to build a digitalized management system. To be more specific, we present firstly the AIDA document exchange framework for the management (creation, search, storage) of e-docs expressed in XML format. The framework provides security services, like privacy, authorization, authentication and non-repudiation. We describe next the use of AIDA in a real world medical service, namely the creation of electronic medical records (e- MRs). Doctors can use mobile devices that embed a secure trustworthy environment defined also in AIDA for digitally signing the e-MRs. Technically speaking a handheld PC equipped with a smart-card reader and integrating What You See Is What You Sign (WYSIWYS) features will be used for viewing and signing the e-MRs. Furthermore the proposed system is easily integrated with the infrastructure (e.g., database system) already in use at hospital's administration site and allows easy handling and updating of data processed on the mobile devices. The use of web interface for the operations to be executed on the mobile device or for those executed on the remote part of the system makes the whole application homogeneous and easy to use.

Diana Berbecaru, Antonio Lioy, Marius Marian

The efficiency and service quality in public administration can be improved by using electronic documents (or e-docs) and digital signature to speed up their activity and at the same time to better satisfy customer needs. This paper presents an XML-based document exchange system that integrates a platform for the management (creation, search, storage) of e-docs and a secure trustworthy environment for digitally signing e-docs. The framework provides security services, like privacy, authorization, authentication and non-repudiation. Possibly a mobile terminal equipped with a smartcard reader and integrating WYSIWYS features could be used for viewing and signing e-docs. The proposed system can be easily integrated with the infrastructure (e.g. database system) already in use at each administration site. It is described also the use of the system in a real world service.