1 / 17

Long-term verification service of the electronic signature for digital records in Korea

Long-term verification service of the electronic signature for digital records in Korea. by YoungHwan Park National Archives of Korea For the Seminar on “International Conference of the Round table on Archives” September, 2010. Presentation Structure. Overview

aneko
Télécharger la présentation

Long-term verification service of the electronic signature for digital records in Korea

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Long-term verification service of the electronic signaturefor digital records in Korea by YoungHwan Park National Archives of Korea For the Seminar on “International Conference of the Round table on Archives” September, 2010

  2. Presentation Structure • Overview • Electronic RecordsManagement System • Electronic Signature Exposition • Applied Long-Term Verification Servive • of National Archives • Development Direction

  3. Ⅰ. Overview Change of the archival management paradigm • Focusing on paper records • => Focusing on electronic records • Focusing on preservation • => Focusing on making the records as • knowledge resources • Non-disclosure practices • => Active release and access

  4. Ⅰ. Overview Related laws & ISP • Related laws • - Enacted the Public Records Management Act • in 1999 and all amendments in 2006 • - The production of electronic records, preservation, • and use of management systems • Information Strategy Planning • - To manage the entire process online from Active, • Semi-Active, and Inactive Phases • - A series of preparation and research about such • international standards as ISO 15489, 23721 etc. • on digital record

  5. Ⅰ. Overview Development & research • Systems at each phase • -Active : OnNara (Business Management Sys.) • -Semi-Active : RMS(Records Management Sys.) • -Inactive : CAMS (Central Archives Management Sys.) • Research & development • -『Basic Technology for Electronic Records • Permanent Preservation』(2004~2005) • - Permanent Preservation Conversion Format (2006) • -A long-term validation of electronic signatures (2007)

  6. Service to the adminstration Service to the nation … Person in charge Public institutions at each level Academic circle Research institutes Civic groups Citizens Media Archival info. contents, catalog, original texts, metadata Catalog, metadata Catalog, metadata Archival management system BRMSystem Integrated search system for archival information Integrated information disclosure system Classification by function, purpose and organization Business management system Archival Management sys. of the constitutional institution Task/document management card, etc. Records management sys. Central archival management sys. • Government task/records classification and sys. management • Permanent electronic/non-electronic records management • Permanent preservation and public access service • Task/records classification and system management • Electronic/non-electronic records management Electronic document sys. Approval/Execution/Received documents Local archival Management system Non-electronic Archives portal Ⅱ. Electronic Records Management System Korea’s Electronic Records Management System (Ⅰ)

  7. Ⅱ. Electronic Records Management System Korea’s Electronic Records Management System (Ⅱ) • EDS(Electronic document system) • Business management system • RMS(Records management system) • CAMS(Central archival management system) • Integrated information disclosure system • National Archives Portal Service • Integrated search system of archival records

  8. Ⅲ. Electronic Signature Exposition Electronic Signature (Ⅰ) • An electronic document method • -In place of a traditional paper-based signature • with a seal or a unique sign for a recognition of • personal claim. • -In use of business documents that has to be • signed like as Electronic Data Interchange • -In the field of military operations command via a • computer network for the signature

  9. Ⅲ. Electronic Signature Exposition Electronic Signature (Ⅱ) • To prove authenticity of its identity • -Ease of signature transfer • -Difficulty of disapproval • -Impossible forging by others • -Automatic preservation of time stamp etc.. • Open key-based electronic signature • -NPKI (National Public Key Infrastructure) • -GPKI (Government Public Key Infrastructure)

  10. Ⅲ. Electronic Signature Exposition Electronic Signature (Ⅲ) • Long-term verification problem • - A long time ago, signed documents • -Cannot be verified due to expiration validation • and abolition to maintain its legal effect • ⇒ Inhibits utilization of electronic signatures • ⇒Causes a great inconvenience to the users • ⇒Causes a hinderance in utilization of electronic • distribution.

  11. Ⅲ. Electronic Signature Exposition Electronic Signature (Ⅳ) • Features to verify long-term electronic signatures • -Certificates should be able to be verified through a • credible institution even after the expiry. • -Manage renewal notary information of a credible • institute to extend the effectiveness of signatures. • -Electronic signatures has be to saved in the • 'Information of Verified Authorization' • -Signer of its electronic signature has to ensure their • personal code (key) does not break.

  12. Ⅲ. Electronic Signature Exposition Electronic Signature (Ⅴ) • Required when confirming • - Signing Policy • - Data of Signed User • - Electronic Signature Value • - Value of Other Property Offered by Signer • - Value of Other Non-Property Offered by Signer • Required for an additional data • - Certificate Reference • - Certificates • - Revocation Reference • - Revocation State Information • - Time Stamp Tokens Recieved from Time Stamp Server

  13. Ⅳ. Applied Long-Term Verification Service of National Archives Electronic signature in Korea • Korea's "Public Records Management Act “ • - Authenticity, integrity, reliability, and availability • in managing its electronic documents • -Data security / use of electronic signature • Electronic signature in National Archives • - To ensure authenticity of electronic records • by applying permanent preservation format. • - Long-term verification problem • - With a contradiction between CRL management • method and PKI electronic signature method. • ※ CRL(Certificate Revocation List)

  14. Ⅳ. Applied Long-Term Verification Service of National Archives Basic Technology Research for Preservation of Electronic Records • Information Details: Converted document • format observes ISO 19005-1 (PDF/A-1) • Long-Term Preservation: Converted • permanent format S/W observes ISO 14721 (AIP) • Security Technology: GPKI (Government • Public Key Infrastructure) ability to apply PKI • Standard preservation format • - Converting and signing digitally in RMS and AMS • - The electronic records of more than 10 years of • age in RMS to be converted • - The amount of targeted documents are increasing

  15. Ⅳ. Applied Long-Term Verification Service of National Archives Necessity and first step • Necessity In 2007 • - GPKI validation time : only 2 years and 3 months. • - RMS desperate for a Long-Term Verification Sys. • - A collected management was needed for a related • information to CRL and long-term verification • First step in 2007 • - NAK constructed a verification system • - Applied records management agencies at all levels • - Constructed base of GPKI for a long-term • verification system first

  16. Ⅳ. Applied Long-Term Verification Service of National Archives Annual progress • To ensure stability & testing services in 2008 • - Developed for closed agencies • - Expanded through MPKI (Military PKI) • Settlement and service expansion in 2009 • - The system became a dual processor to prepare • for unpredictable disasters • - Private electronic document and city, province, • local records management agency system • To expand private/public institution in 2010 • - Expands NPKI's long-term verification service • - Promotes acceptance of EPKI (Education PKI)

  17. V. Development Direction Planning for the future • Accept Expanded Authentication Capacity • - Accept 5 affiliated NPKI Authentication Systems • - Accept GPKI affiliated Authentication System • - Accept WPKI Authentication System • Expansion of Long-Term Verification Service • - Electronic Record of Public Institution of G2B, G2C • - Private record of B2B, B2C • - Wireless environment • Public Certificate Institute Connection • Disaster Recovery System

More Related