Controlling digital signature services using a smartcard

Abstract

In this paper a number of requirements for the corporate user of digital signature technology have been identified. These appeared at first sight to be demanding security controls and usability requirements over and above those assumed of normal signature systems. However, once the requirements were fully analyzed, an approach was described which not only met the additional requirements, but did so while at the same time reducing the likely implementation cost, by reducing the burden placed on the smartcard, and increasing the effective performance be delegating signature processing to a shared server. This approach appears therefore to be unique in raising levels of security, usability and performance while at the same time reducing potential implementation costs and adhering to external standards. It should therefore be of extreme interest to all corporate users who wish to enter the world of electronic commerce backed by digital signature and non-repudiation. © 1995.