Understanding Digital Signatures

Establishing Trust over the Internet and Other Networks

Gail L. Grant

Publisher: McGraw-Hill, 1997, 298 pages

ISBN: 0-07-012554-6

Keywords: IT Security

Last modified: June 10, 2021, 1:13 a.m.

Discover Digital Signatures, Security For A Commerce-Driven Internet

Internet security is a hot topic and justifiably so. Customers are already demanding on-line access to their personal records, bank accounts, and other private information; furthermore, researchers estimate sales on the internet could reach $200 billion by the year 2000, as PCs worldwide link to form a global shopping mall.

But how can a company be sure of the identity of the party accessing the information? On a global, interconnected network, how can you be certain:

  • Providers and users are who they say they are?
  • Information being exchanged between provider and user cannot be stolen or altered?
  • Order being offered to you is valid?

The answers lie in digital signature, which are based on public key cryptography and its infrastructure to bind unique keys to individuals and corporations through identity verification.

Written by leading Internet business consultant Gail Grant, Understanding Digital Signatures: Establishing Trust over the Internet and Other Networks. details the business, legal, social, and technological issues surrounding Digital Signatures and key infrastructure.

This book explains this complex technology in terms that a businessperson can understand, covering the unique problems of on-line authentication, how digital signatures help to solve these problems, ways companies are using the technology in real life, and issues concerning its usage. The book includes a list of product and service vendors, future potential, and suggestions for companies considering implementation of digital signatures for their customers or employees.

  • Part 1: Background and Definition
    1. Background
      • E-mail and Customer Service
      • The World Wide Web
      • More than Billboards
      • Online Sales
      • Worldwide Opportunity
      • Enter the Intranet
    2. Security and the Internet
      • The Physical World vs. the Networked World
      • Authentication
      • Authorization Authentication
      • Privacy and Confidentiality
      • Data Integrity
      • Trust
    3. Securing the Internet
    4. Public Key Infrastructure
      • Network of Trust
      • Identity Verification
      • Technology
      • Applying for a Certificate
      • Certificate Management
      • policies, Procedures, and Practices
      • Operations
  • Part 2: Case Studies
    1. Use of Public Key Systems
      • Justification
      • Public Key Buckets
      • Identification
      • Securing Communication
      • Application Integration
    2. Identification and Authentication
      • GE Research Center
      • GTE
      • Hewlett-Packard
      • Liberty Financial Companies, Inc.
      • State of Massachusetts
      • QSpace
      • USWeb
    3. Securing Communication
      • Ultramar Diamond Shamrock
      • Mellon Bank
      • PrimeHost
      • Wells Fargo
    4. Application Integration
      • CyberCash
      • E-Stamp
      • NetDox
      • Open Market. Inc.
      • United States Postal Service
    5. Secure Electronic Transaction Protocol
      • Business Situation
      • How SET Works
  • Part 3: Issues
    1. Technical Issues
      • Hardware vs. Software
      • Interoperability
      • In-House vs. Outsourcing
      • Algorithms
      • Public Key Cryptography in Applications
      • Standards
      • Key Size and Key Splitting
      • Key Recovery/Escrow
      • Security Policies and Procedures
      • Registration Authority Functionality
      • Directory Services
      • Revocation Lists
    2. Legal Issues
      • Digital Signature Legislation
      • Certificate Holder Responsibility
      • CA Responsibilities and Liabilities
      • CA Requirements
      • Technology Implications and Requirements
      • International Issues
      • Certification Practice Statements
      • Relying Parties
      • Agreements
    3. Business Issues
      • Business Models and Risks
      • Hardware vs. Software
      • Interoperability and Cross Certification
      • In-House vs. Outsourcing
      • Public Key Cryptography in Applications
      • Key Recovery/Escrow
      • Security Policies and Procedures
      • Certificate Holders Responsibility
    4. Developing Requirements
      • Product or Service?
      • Understanding Requirements
      • Futures
      • Budget
      • Pricing
      • Requirements Document Contents
      • Evaluation
  • Part 4: Vendor Review
    1. CA Products and Services
      • Atalla Corporation
      • BBN Corporation
      • CertCo
      • Cylink Corporation
      • Entrust Technologies Inc.
      • GTE CyberTrust Solutions Incorporated
      • International Business Machines Corporation (IBM)
      • Netscape Communications
      • VeriSign
      • Xcert Software Inc.
    2. Application and Toolkit Vendors
      • E-Stamp Corporation
      • Product/Services Offered
      • Harbinger
      • Premenos Technology Corporation
      • RSA Data Security, Inc., a Security Dynamics Company
      • S/MIME Products
      • SET Vendors
      • Web Browser and Server Vendors
  • Part 5: What The Future Holds
    1. Future Applications
      • Remote Authentication
      • Internet VAN
      • Remote Trusted Devices
      • Distributed Applications
      • Signed Instruments
      • The Impact of Certificates and Digital Signatures on Business
      • Closing Notes
    • Appendix I: Hobbes' Internet Timeline
    • Appendix II: Trading Partner Agreement
      • Digital Signature Trading Partner Agreement
    • Appendix III: Digital Signature Legislation
      1. Introduction
      2. The Law of Signatures
      3. Digital Signature Technology
      4. Verifying Owners of Public Keys Pairs
      5. Legal Considerations
      6. Overview of Liability
      7. Liability for the Loss or Compromise of the Private Key by Subscribers
      8. Liability of Certification Authorities
      9. Regulatory Oversight of Certification Authorities
      10. Technological Standards
      11. Digital Signature Legislation
      12. Conclusion
    • Appendix IV: Digital Signature Legislation Status
      • State Legislation and Regulations
      • Federal Legislation and Regulations
      • International
    • Appendix V: Pointers to Pertinent Web Sites
    • Appendix VI: US Government


Understanding Digital Signatures

Reviewed by Roland Buresund

Mediocre **** (4 out of 10)

Last modified: May 21, 2007, 2:51 a.m.

The title says it all, but it is pretty boring.


There are currently no comments

New Comment


required (not published)