Digital signature: use and modification to achieve success in next generational e-business processes
Introduction
In the e-commerce arena, security is a great concern to many organizations when a considerable volume of documents and transactions are computerized/digitized and exchanged online [8], [11], [13]. This paper’s primary focus is on the techniques commonly referred to as “digital signatures,” which are attachments to documents used to verify or authenticate a “signer” and the document signed. Combined with certificates issued by trusted third parties and enhanced by biometric authentication tools, digital signatures are gaining a presence in the transaction or final document arena. Our argument, however, is that their really significant benefits for companies and organizations lie in potential improvement of stepwise sign-off processes including negotiation and contract/document generation.
Following the American Bar Association (ABA) guidelines [1], we differentiate digital signatures from the more mundane digitized images of hand-written signatures, such as typed notations like ‘/s/John Smith’, or even addressing notations, such as electronic mail headers. In addition to improved security, digital signatures provide the following advantages:
- (i)
no need to print out documents for signing;
- (ii)
reduced storage of paper copies;
- (iii)
improved management and access (anytime/anywhere) of electronic versus paper documents;
- (iv)
elimination of need for faxing or overnight mailing—reduction of cycle time;
- (v)
improved security of document transmission; and
- (vi)
enhanced management processes outside the “final signature” step.
The concepts and ideas in this paper have been developed in an attempt to adopt leading edge digital signature technologies for everyday business processes. Operational managers helped in shaping and refining the vision of an ideal system and helped identify the shortcomings/limitations of current digital signature technology. Such interaction is critically important in understanding existing practices as well as in shaping technological solutions that enabled process enhancements.
Section snippets
Concept and current status of digital signature
Digital signatures process is based on the idea of asymmetric encryption. Each user of this paradigm has two “keys” assigned to them. One of the keys is known only to the user and is called “private” key while the other key is public knowledge and is known as “public” key. Both public and private keys can be used to encrypt or decrypt data, however, whatever is encrypted by public key can only be decrypted by private key and vice versa. Typical encryption, for example the encryption of credit
Enhanced security
While digital signatures are already being used by companies such as Federal Express in the physical world and BuyAndHold.com in the electronic world, their scope is limited, since the only requirement is to obtain the verification from a customer that he/she agrees to the statements in a given document. The party that requires the customer’s signature produces the document. The customer does not have the opportunity or the means to edit the document. Thus, the signed documents’ integrity can
E-signature for document management processes: a framework (digital signature for signing documents for archival)
As one would expect, initial applications of new information technologies focus on the most straightforward and easiest. In many cases, this has been transaction processing and digital signature technology has been no exception. In a typical application, an individual either uses the public key of the receiver or his own private key to sign a document. When the document reaches the designated receiver, it can be opened and verified by using the appropriate key. Such applications are
Managerial implications and summary
The digital signature process is being or will soon be adopted by organizations to replace traditional ways of signing documents, especially when they are transmitted over the Internet. As Sprague [16] pointed out, most organizations have a substantial set of paperwork systems that have not been fully computerized because they are based on documents rather than data records. We contend that, while digital signature technological tools exist, these tools were developed with limited business
Acknowledgements
The concepts and ideas in this paper have been developed over the past 2 years in an attempt to adopt the leading edge technologies for everyday business processes. The authors have interacted with several high level and operational managers and digital signature software providers. The operational managers helped in shaping and refining the vision of an ideal system and helped identify the shortcomings/limitations of current technology. We are also grateful to the students at UCONN’s edgelab
Alok Gupta is an associate professor at the Department of Information and Decision Sciences at Carlson School of Management, University of Minnesota. He received his PhD in management science and information systems from The University of Texas at Austin in 1996. His research has been published in various information systems, economics, and computer science journals such as Management Science, ISR, CACM, JMIS, Decision Sciences, Journal of Economic Dynamics and Control, Computational Economics,
References (18)
- et al.
MEDIATOR: towards a negotiation support system
European Journal of Operational Research
(1987) - et al.
Security threats to Internet: a Korean multi-industry investigation
Information and Management
(2001) - et al.
Evaluating security threats in mainframe and client/server environments
Information and Management
(1997) - American Bar Association, Digital Signature Guidelines Tutorial, Posted at ABA site:...
- J.P. Campbell Jr., Speaker recognition: a tutorial, Proceedings of the IEEE 85 (9) (1997)...
High confidence visual recognition of persons by a test of statistical independence
IEEE Transactions on Pattern Analysis and Machine Intelligence
(1993)Security issues for systems used for collecting, storing and interpreting human biological data
Journal of Commercial Biotechnology
(2002)- et al.
Biometric identification
Communications of the ACM
(2000) - A.K. Jain, L. Hong, S. Pankanti, R. Bolle, An identity-authentication system using fingerprints, Proceedings of the...
Cited by (20)
GooseBt: A programmable malware detection framework based on process, file, registry, and COM monitoring
2023, Computer CommunicationsDNA computing in cryptography
2023, Advances in ComputersCitation Excerpt :Without the location of the gene, the attacker will require to check the whole DNA sequence which is infeasible. In the present-day e-commerce domain, digital signatures have significant prospects for facilitating reliable electronic transactions, as in numerous important business processes they occur before or independently of the final transactions [56]. Digital signatures use mathematical techniques or hash functions illustrated in Fig. 10 to validate web pages or documents or messages or software.
Legitimating digital technologies in industry exchange fields: The case of digital signatures
2022, Information and OrganizationCitation Excerpt :First, to honor transactions, digital signatures authenticate each transacting party's identity (El-Gamal, 1985; Paillier, 1999). Moreover, as information messages are being transmitted within e-commerce marketplaces and exchanged across diverse organizational settings, digital signatures afford the integrity of the messages (Gupta, Tung, & Marsden, 2004). Finally, digital signatures afford non-repudiation or tying the messages to the sender to confirm and validate authorship, which is critical for honoring transactions (Zhu, Guo, Gan, & Tsai, 2016).
Assessment of E-Commerce security using AHP and evidential reasoning
2012, Expert Systems with ApplicationsCitation Excerpt :A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. Digital signatures provide a secure vehicle for preventing unauthorized alterations of the data and hold great potential for facilitating secure E-Commerce transaction (Gupta, Tung, & Marsden, 2004). Conventional commercial laws that typically facilitate international commerce by binding and protecting the trading partners, have not been customized to accommodate transactions in E-Commerce (Aggarwal, Rezaee, & Soni, 1993).
Decision support systems unfrastructure: The root problems of the management of changing IT
2008, Decision Support SystemsFactors affecting the adoption of electronic signature: Executives' perspective of hospital information department
2007, Decision Support Systems
Alok Gupta is an associate professor at the Department of Information and Decision Sciences at Carlson School of Management, University of Minnesota. He received his PhD in management science and information systems from The University of Texas at Austin in 1996. His research has been published in various information systems, economics, and computer science journals such as Management Science, ISR, CACM, JMIS, Decision Sciences, Journal of Economic Dynamics and Control, Computational Economics, Decision Support Systems, IEEE Internet Computing, International Journal of Flexible Manufacturing Systems, Information Technology Management, and Journal of Organizational Computing and Electronic Commerce. In addition, his articles have been published in several leading books in the area of economics of electronic commerce. He has received prestigious NSF CAREER award for his research in Online Auctions. He serves on the editorial boards of ISR, DSS and Brazilian Electronic Journal of Economics.
Y. Alex Tung is an associate professor in the Department of Operations and Information Management at the University of Connecticut. He received his PhD in decision science and information systems from the University of Kentucky. His research interests are applied artificial intelligence, expert systems, and electronic commerce. His research has appeared in Management Science, Journal of Management Information Systems, Decision Support Systems, European Journal of Operational Research, Journal of Multi-Criteria Decision Analysis, and numerous other leading journals.
James R. Marsden came to UCONN in 1993 as professor and head, Department of Operations and Information Management, School of Business Administration, University of Connecticut. Dr. Marsden was part of a three-person concept development team that initiated and oversaw the development of the Connecticut Information Technology Institute and is currently serving as its executive director. He developed and implemented the Treibick Electronic Commerce Initiative that is funded through a generous gift provided by Richard Treibick and the Treibick Family Foundation. He was a member of the edgelab development team and currently serves on the edgelab Steering Committee which selects and resources projects and oversees operations. Dr. Marsden is a two-time winner of the Chancellor’s Award for IT Excellence and a co-winner of the Team Connecticut Program Award from the Office of Economic Development. He has a lengthy research publication record in market innovation and analyses, economics of information, artificial intelligence, and production theory. His research work has appeared in Management Science, IEEE Transactions on Systems, Man and Cybernetics, American Economic Review, Journal of Economic Theory, Journal of Political Economy, Computer Integrated Manufacturing Systems, Decision Support Systems, Journal of Management Information Systems, and numerous other academic journals. Professor Marsden received his AB from the University of Illinois and his MS and PhD from Purdue University. Having completed his JD while at the University of Kentucky, Jim has been admitted to both the Kentucky and Connecticut Bar.
- 1
Fax: +1-860-4864839.