Minimising the risk of electronic document forgery

doi:10.1016/S0920-5489(98)00010-5

Computer Standards & Interfaces

Volume 19, Issue 2, March 1998, Pages 161-167

https://doi.org/10.1016/S0920-5489(98)00010-5 Get rights and content

Abstract

Paperless business transactions depend on digital signatures, which are based on public-key crytography and one-way hash functions. However, one-way hash functions have properties, which can be exploited to subvert security service. The purpose of this paper is minimisation of such risks, where attention is given to proper structuring (and consequently coding) of electronic documents and the context of their usage.

References (22)

United Nations Economic Commission for Europe
Electronic Data Interchange for Administration, Commerce and Transport, Syntax Rules, ISO 9735
(March 1993)
ANSI ASC, American National Standard for electronic business interchange, X12 series...
M. Bellare et al.
iKP—a family of secure payment protocols
MasterCard and VISA, Secure Electronic Transactions
G. Tsudik
Message authentication with one way hash functions
ACM Comput. Commun. Rev.
(1992)
J.M. Galvin et al.
Secure Management of SNMP networks
B.S. Kaliski chair
A Comprehensive Standard for Public-key Cryptography, IEEE P1363 draft standard
(July 1997)
B.S. Kaliski
The MD2 Message Digest Algorithm
RFC 1319
(1992)
R. Rivest
The MD4 Message Digest Algorithm
R. Rivest
The MD5 Message Digest Algorithm

N. Rogier et al.

The compression of MD2 is not collision free

Cited by (3)

Slovene smart card and IP based health-care information system infrastructure
2001, International Journal of Medical Informatics
Citation Excerpt :
It is not only the exchange of the document itself that matters, but also the sequence and semantic/syntactic relationship between these documents along with complete organizational procedures. Security in particular can be affected in this way [6]. For the successful introduction of EDI, data sets have to be defined and they have to be stable.
Slovenia initiated a nation-wide project to introduce smart cards in the health sector in 1995 and its full-scale deployment started in September 2000. Although the basic aim of the project was to support insurance related procedures, the system was designed in a flexible and open manner to present an infrastructure for the whole health sector. The functionality of the current system is described in this paper along with lessons learned so far. The upgrade of the system is outlined, with emphasis on technical details, the objective being to provide a real-time EDI based environment for a general set of applications in the medical sector, supported by the flexibility and security of modern smart card technologies. Integration with similar systems in other EU countries is discussed.
Document access control in organisational workflows
2007, International Journal of Information and Computer Security
Managing information systems security and privacy
2006, Managing Information Systems Security and Privacy

^☆: This work was sponsored by the Slovene Ministry of Science and Technology.

^∗: Tel.: +386 61 1773379; fax: +386 61 1262102;

View full text

Minimising the risk of electronic document forgery☆

Abstract

Electronic Data Interchange for Administration, Commerce and Transport, Syntax Rules, ISO 9735

iKP—a family of secure payment protocols

MasterCard and VISA, Secure Electronic Transactions

Message authentication with one way hash functions

ACM Comput. Commun. Rev.

Secure Management of SNMP networks

A Comprehensive Standard for Public-key Cryptography, IEEE P1363 draft standard

The MD2 Message Digest Algorithm

RFC 1319

The MD4 Message Digest Algorithm

The MD5 Message Digest Algorithm

The compression of MD2 is not collision free