MADSig: Enhancing digital signature to capture secure document processing requirements

Pazzaglia, Jean-Christophe; Crosta, Stefano
Book chapter in ISSE 2006, Securing Electronics Business Processes, May 2006, ISBN: 978-3-8348-0213-2

Businesses, government agencies, and educational institutions all share information electronically. While digital signature based on public key infrastructure is commonly accepted as the natural answer to secure data exchange, the actual digital signature formats largely fail to capture regulation and business level semantic. Indeed, electronic documents (business contracts, law texts, European directives, European arrest warrants...) can no longer be simply seen as their paper counterparts: the trust and the accuracy of the information carried by electronic documents are transitory; and they utterly depend on the instant and the perspective of the document consumer. For example, a contract signed by only one part may give a competitive negotiation advantage to the potential matching part. For that reason, we propose a technical solution which is aiming to mitigate the risks of discrepancy. Our solution is based on the paradigm of Business Process Modeling extended to provide security annotations and functionalities. Documents are perceived as business processes' artefacts and embed a subset of the process with associated security annotations. These descriptions combined with basic digital signature primitive and certified data make possible to verify the compliance of collaborative processes that may eventually span across borders. A practical example, the European Arrest Warrant is described to show the model's expressiveness to capture complex legal constraints.

Digital Security
Eurecom Ref:
© Springer. Personal use of this material is permitted. The definitive version of this paper was published in Book chapter in ISSE 2006, Securing Electronics Business Processes, May 2006, ISBN: 978-3-8348-0213-2 and is available at :