PKI Research Papers - Academia.edu (original) (raw)

Maintenance of land records, processing of mutations and delivery and access of documents are key areas which have been revamped as a result of successful Computerisation of Land Records project. Efforts have been also made to share data;... more

Maintenance of land records, processing of mutations and delivery and access of documents are key areas which have been revamped as a result of successful Computerisation of Land Records project. Efforts have been also made to share data; contents and documents over Internet with relevant stakeholders. Hand-written copies with manual signatures of competent authority have an assurance value for consumers or citizens. This authenticity can also be introduced into electronic documents through different mechanisms like Digital Signature, Bar Code and Digital Pen. This paper describes these mechanisms of introducing the authenticity into the electronic documents. It is one of the key factor for success of governance projects at grass root level.

Tesis de maestría sobre la Infraestructura de Firma Digital de la República Argentina. Analiza la PKI desde la triple perspectiva tecnológica, jurídica e institucional. Contiene una encuesta en Argentina con los mismos indicadores de la... more

Tesis de maestría sobre la Infraestructura de Firma Digital de la República Argentina. Analiza la PKI desde la triple perspectiva tecnológica, jurídica e institucional. Contiene una encuesta en Argentina con los mismos indicadores de la encuesta OASIS.

Kebenaran tentang perebutan kekuasaan tidak boleh dibikin jelas; pada mulanya ia terjadi tanpa alasan tapi kemudian menjadi masuk akal. Kita harus memastikan bahwa kebenaran itu dianggap sah dan abadi; adapun asal-muasalnya sendiri harus... more

Kebenaran tentang perebutan kekuasaan tidak boleh dibikin jelas; pada mulanya ia terjadi tanpa alasan tapi kemudian menjadi masuk akal. Kita harus memastikan bahwa kebenaran itu dianggap sah dan abadi; adapun asal-muasalnya sendiri harus disembunyikan, jika kita tidak ingin kebenaran itu cepat berakhir. (Blaise Pascal, Pensees, 1670)
Buku ini mendekonstruksi kebenaran pada masa orde baru, dengan memunculkan berbagai fakta yang tersembunyi ataupun disembunyikan untuk dengan memberikan gambaran asal-muasal tentang kejelasan perebutan kekuasaan dalam fenomena G-30-S yang dijadikan landasan pembenaran pembunuhan massal.

This paper presents a healthcare model based on smart cards. The purpose of the proposed model is to facilitate information exchange and integration across medical organizations. Currently, in Saudi Arabia, all medical centers have their... more

This paper presents a healthcare model based on smart cards. The purpose of the proposed model is to facilitate information exchange and integration across medical organizations. Currently, in Saudi Arabia, all medical centers have their own healthcare system. Each time a patient visits a clinic; a new file is created for him. Clinical information history related to the previous consultations is not available. Confidential information is not protected by the traditional folder. Prescriptions provided by doctors are signed manually and not efficiently authenticated by pharmacies. Claims are transmitted to the insurance companies by fax which makes them subject to falsification. The existing approach of the ministry of health in maintaining information about patients is not efficient, because healthcare institutions are not linked to a central system. In the proposed solution, the smart card will be used to store medical history of a patient that contains all diagnosis and drug prescriptions done in different medical centers. It will be used also to store keys and perform all the cryptographic computations. The medical institutions should adhere to the government healthcare organization system managed by the ministry of health. The healthcare organization should play the trusted third party as certification authority (CA). The information exchanged by the medical institutions should be protected and secured.

Presently, mobile handheld device has successfully replaced traditional telephone to become the most popular wireless communication tools. Mobile Short Message Service (SMS) and Multimedia Message Service (MMS) fulfill almost all the user... more

Presently, mobile handheld device has successfully replaced traditional telephone to become the most popular wireless communication tools. Mobile Short Message Service (SMS) and Multimedia Message Service (MMS) fulfill almost all the user requirements as an effective communication and information delivering service. Since SMS/MMS become so popular on daily communication, there is a demand to communicate or exchange confidential information in a secure environment. Public Key Infrastructure (PKI) is a proven solution, which using pairing of key, for secure communication encryption. In this paper, m–PKI is introduced to provide PKI encryption to the mobile SMS and MMS. This new approach allows the end-user to send private and classified message via SMS. The key pair generation and distribution are performed by the Certificate Authority (CA). The size of the key pair are studied and decided by the tradeoff between performance and security.

Despite significant investments in eGovernment, reported experiences show limited and struggling success cases. In the last 15 years, Governments’ efforts have been scattered, as agencies were mainly concerned with the development of... more

Despite significant investments in eGovernment, reported experiences show limited and struggling success cases. In the last 15 years, Governments’ efforts have been scattered, as agencies were mainly concerned with the development of informational portals and some basic online services resulting from the automation of a few traditional transactions.
In fact, Governments have been cautious in terms of their preferred eGovernment approaches and strategies. A large number of Governments’ services are still provided over the counter and requires the physical presence of citizens. This is in principle due to the fact that existing eGovernment environments lack effective methods through which they can establish trust and avail services over digital networks.
This article discusses the need for trust establishment to advance eGovernment in light of the existing and emerging realities. It looks at the evolving forms of identities, namely digital identities and the role of PKI technology in enabling such requirements.
The key contribution of this article is that it provides an overview of a large scale national PKI program which was deployed as part of a government identity management infrastructure development scheme in the United Arab Emirates. It provides an insight into the architecture and features of the PKI deployment. It presents how the UAE government planned and set up a national identity validation gateway to support both online and traditional transactions. It also includes some reflections on key management considerations and attempts to make reference to some European initiatives to highlight similarities and differences with the UAE and GCC projects.

The study investigated the practices of organisations in Gulf Cooperation Council (GCC) countries with regards to G2C egovernment maturity. It reveals that e-government G2C initiatives in the surveyed countries in particular, and arguably... more

The study investigated the practices of organisations in Gulf Cooperation Council (GCC) countries with regards to G2C egovernment maturity. It reveals that e-government G2C initiatives in the surveyed countries in particular, and arguably around the world in general, are progressing slowly because of the lack of a trusted and secure medium to authenticate the identities of online users. The authors conclude that national ID schemes will play a major role in helping governments reap the benefits of e-government if the three advanced technologies of smart card, biometrics and public key infrastructure (PKI) are utilised to provide a reliable and trusted authentication medium for e-government services.

This article looks at one of the evolving crimes of the digital age; identity theft. It argues and explains that if three key technologies were implemented together namely biometrics, smart cards, and PKI, then they can deliver a robust... more

This article looks at one of the evolving crimes of the digital age; identity theft. It argues and explains that if three key technologies were implemented together namely biometrics, smart cards, and PKI, then they can deliver a robust and trusted identification and authentication infrastructure. The article concludes that such infrastructure may provide the foundation for e-government and ecommerce initiatives as it addresses the need for strong user authentication of virtual identities.

The radical evolution of computers and advancement of technology in the area of hardware (smaller size, weight, low power consumption and cost, high performance) and communications has introduced the notion of mobile computing. Mobile... more

The radical evolution of computers and advancement of technology in the area of hardware (smaller size, weight, low power consumption and cost, high performance) and communications has introduced the notion of mobile computing. Mobile Commerce is an evolving area of e-commerce, where users can interact with service providers through a mobile and wireless network using mobile device for information retrieval and transaction
processing. Mobile wireless market is increasing by leaps and bounds. The quality and speeds available in the mobile environment must match the fixed networks if the convergence of the mobile wireless and fixed communication network is to happen in the real sense. The challenge for mobile network lie in providing very large footprint of mobile services with high speed and security. Online transactions using mobile devices must ensure high security for user credentials and it should not be possible for misuse. The paper discusses issues related to M-Commerce security.

250 KAMPUCHEA AND STALINISM SELECT BIBLIOGRAPHY Carney, Timothy M., Communist Party Power in Kampuchea (Cambodia): Documents and Discussion (Cornell University Southeast Asia Program Data Paper No. 106, 1977). A valuable collection of... more

250 KAMPUCHEA AND STALINISM SELECT BIBLIOGRAPHY Carney, Timothy M., Communist Party Power in Kampuchea (Cambodia): Documents and Discussion (Cornell University Southeast Asia Program Data Paper No. 106, 1977). A valuable collection of primary documents on the Khmer Rouge movement in the early 1970's, with a thoughtful introduction. Chandler, David P., A History of Cambodia (Westview Press, Boulder, Colorado, 1983). A first general history of Kampuchea in the English language; essential reading for the background to the ...

A joint project for Finnish universities and polytechnics has studied the applicability of the public key infrastructure (PKI) and smart cards in higher education institutes. The nine pilots in the project have provided practical... more

A joint project for Finnish universities and polytechnics has studied the applicability of the public key infrastructure (PKI) and smart cards in higher education institutes. The nine pilots in the project have provided practical experience on the implementation of PKI and services relying on it. The project has identified motives for PKI deployment. Interdependencies of PKI and other topics such as user administration and interinstitutional use of resources have been addressed. The project has summarised its experiences to seven conclusions.

In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less... more

In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.

Most of the early Virtual Private Networks (VPN) connection came from the vendors of networking hardware and software to satisfy one time goal of security in communication in a remote way. The first and foremost of the solution of VPN is... more

Most of the early Virtual Private Networks (VPN) connection came from the vendors of networking hardware and software to satisfy one time goal of security in communication in a remote way. The first and foremost of the solution of VPN is to introduce the security protocols like IPSec. IPSec uses cryptography in order to encrypt and authenticate the traffic flowing