No Thumbnail Available
Electronic signature validity : solving the issues of traditional preservation services with Evidence Records
Details
- Supervisors
- Faculty
- Degree label
- Abstract
- This master thesis presents a standards-compliant, proof-of-concept, preservation service relying on Evidence Records in the context of electronic signatures. It studies the Evidence Records approach to preservation, compared to the classical single-document approach. This service provides non-repudiable proof of existence of general data based on the XML Evidence Record Syntax from RFC6283 and it aims to comply with the ETSI framework of standards. The ETSI framework itself aims to fulfil the legal requirements set by the European eIDAS regulation on electronic signatures, giving them legal value. Digital signatures rely on time-sensitive mechanisms, leading to signatures becoming invalid with time and the evolution of technology. General preservation, including signature preservation, is achieved using trusted timestamps. However such timestamps rely on the same mechanisms as digital signatures, meaning they shall also be preserved. Evidence Records aims to improve preservation efficiency by covering multiple unrelated data objects with a single timestamp using Merkle Trees. Evidence Record Syntax standardizes the format of such proofs. The service is implemented in Java using the Spring framework, relies on a PostgreSQL database and uses the DSS library developed by Nowina.