PUMA
Istituto di Informatica e Telematica     
Minutoli S., Marchetti A., Tesconi M. Signed Web Forms. Technical report, 2005.
 
 
Abstract
(English)
As more and more Web applications are available on the Internet, they are becoming a standard way also for many organizations and institutions to offer their services and/or improve the efficiency of office procedures. Some of these applications require the user to input some information, typically by filling out a form, and submit the data. In many cases the user is required to digitally sign the data submitted. The problem of the digital signature has been solved with appropriate algorithms based on the use of two different keys: the private key and the public key. The private key must be known only to its legitimate owner, certified by a Certification Authority, and must be protected from unauthorized access. This problem has been solved by means of smart-cards and USB-tokens. However when the user decides to sign a document displayed on the screen, the software actually uses his private key to sign an internal representation of the document. Thus, another problem arises: the user must be sure that the document actually signed is the same document he has been shown. Since few years the WYSIWYS (What You See Is What You Sign) technology has been suggested, so that users know exactly what they sign. We propose an architecture based on this technology. The signing module is embedded in a Web Service that must be invoked to obtain the digital signature of a given document. This Web Service shows the document to the user that decides whether to sign it or not. Finally, we have tested this architecture by implementing a prototype of a Form-based Web application.
Subject Web forms
Digital Signature
Web Service
Xml
WYSIWYS
H.5.3 Group and Organization Interfaces . Web.based interaction


Icona documento 1) Download Document PDF


Icona documento Open access Icona documento Restricted Icona documento Private

 


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional