Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices

Emina Ahmetovic; Thomas Lenz; Christian Kollmann

doi:10.5220/0009821303300339

Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices

Emina Ahmetovic, Thomas Lenz, Christian Kollmann

Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (7050)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

Electronic documents are an important part of a business workflow. To assure the integrity, authenticity, and non-repudiation of those documents, both public and private sectors use qualified electronic signatures to sign PDF files. Benefits of the resulting qualified PDF signing are widely recognized, and there are many desktop and web applications used to sign PDFs. Those applications usually require additional hardware, such as smartphones, or smart cards, to assure a multi-factor authentication in the signing process. However, the prevalence of mobile devices in everyday life posed a need for public services, which can be executed on a single mobile device. In this paper, we develop a user-friendly and privacy-preserving framework for qualified PDF signing on mobile devices. We show the feasibility of our framework by implementing all
necessary components: the PDF processing application, the Trust Service Provider server-side, and clientside application. The main focus of these components is to preserve the privacy of users and to meet user expectations regarding the functionalities of PDF signing applications. Furthermore, we demonstrate the
practical applicability of our solution by integrating it into the productive Austrian e-Government system.
Lastly, we conclude the paper with extensive performance evaluation.

Originalsprache	englisch
Titel	Proceedings of the 17th International Joint Conference on e-Business and Telecommunications -SECRYPT
Herausgeber (Verlag)	SciTePress - Science and Technology Publications
Seiten	330-339
Seitenumfang	10
ISBN (elektronisch)	978-989-758-446-6
DOIs	https://doi.org/10.5220/0009821303300339
Publikationsstatus	Veröffentlicht - 2020
Veranstaltung	17th International Conference on Security and Cryptography - Virtuell, Frankreich Dauer: 8 Juli 2020 → 10 Juli 2020

Konferenz

Konferenz	17th International Conference on Security and Cryptography
Kurztitel	SECRYPT 2020
Land/Gebiet	Frankreich
Ort	Virtuell
Zeitraum	8/07/20 → 10/07/20

Zugriff auf Dokument

10.5220/0009821303300339Lizenz: CC BY-NC-ND 4.0

https://www.scitepress.org/Link.aspx?doi=10.5220/0009821303300339Lizenz: CC BY-NC-ND 4.0

E-Government Innovationszentrum - EGIZ - E-Government Innovationszentrum (EGIZ)
Krnjic, V., Lenz, T., Tauber, A., Posch, R., Abraham, A. & Hörandner, F.
1/09/05 → 31/12/23
Projekt: Forschungsprojekt

Dieses zitieren

Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices. / Ahmetovic, Emina; Lenz, Thomas; Kollmann, Christian.
Proceedings of the 17th International Joint Conference on e-Business and Telecommunications -SECRYPT. SciTePress - Science and Technology Publications, 2020. S. 330-339.

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Ahmetovic, E, Lenz, T & Kollmann, C 2020, Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices. in Proceedings of the 17th International Joint Conference on e-Business and Telecommunications -SECRYPT. SciTePress - Science and Technology Publications, S. 330-339, 17th International Conference on Security and Cryptography, Virtuell, Frankreich, 8/07/20. https://doi.org/10.5220/0009821303300339

@inproceedings{bc9b371ce06a4f79ab76a294ef8ea644,

title = "Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices",

abstract = "Electronic documents are an important part of a business workflow. To assure the integrity, authenticity, and non-repudiation of those documents, both public and private sectors use qualified electronic signatures to sign PDF files. Benefits of the resulting qualified PDF signing are widely recognized, and there are many desktop and web applications used to sign PDFs. Those applications usually require additional hardware, such as smartphones, or smart cards, to assure a multi-factor authentication in the signing process. However, the prevalence of mobile devices in everyday life posed a need for public services, which can be executed on a single mobile device. In this paper, we develop a user-friendly and privacy-preserving framework for qualified PDF signing on mobile devices. We show the feasibility of our framework by implementing allnecessary components: the PDF processing application, the Trust Service Provider server-side, and clientside application. The main focus of these components is to preserve the privacy of users and to meet user expectations regarding the functionalities of PDF signing applications. Furthermore, we demonstrate thepractical applicability of our solution by integrating it into the productive Austrian e-Government system.Lastly, we conclude the paper with extensive performance evaluation.",

keywords = "PDF Signature App, Qualified Electronic Signatures",

author = "Emina Ahmetovic and Thomas Lenz and Christian Kollmann",

year = "2020",

doi = "10.5220/0009821303300339",

language = "English",

pages = "330--339",

booktitle = "Proceedings of the 17th International Joint Conference on e-Business and Telecommunications -SECRYPT",

publisher = "SciTePress - Science and Technology Publications",

note = "17th International Conference on Security and Cryptography, SECRYPT 2020 ; Conference date: 08-07-2020 Through 10-07-2020",

}

TY - GEN

T1 - Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices

AU - Ahmetovic, Emina

AU - Lenz, Thomas

AU - Kollmann, Christian

PY - 2020

Y1 - 2020

N2 - Electronic documents are an important part of a business workflow. To assure the integrity, authenticity, and non-repudiation of those documents, both public and private sectors use qualified electronic signatures to sign PDF files. Benefits of the resulting qualified PDF signing are widely recognized, and there are many desktop and web applications used to sign PDFs. Those applications usually require additional hardware, such as smartphones, or smart cards, to assure a multi-factor authentication in the signing process. However, the prevalence of mobile devices in everyday life posed a need for public services, which can be executed on a single mobile device. In this paper, we develop a user-friendly and privacy-preserving framework for qualified PDF signing on mobile devices. We show the feasibility of our framework by implementing allnecessary components: the PDF processing application, the Trust Service Provider server-side, and clientside application. The main focus of these components is to preserve the privacy of users and to meet user expectations regarding the functionalities of PDF signing applications. Furthermore, we demonstrate thepractical applicability of our solution by integrating it into the productive Austrian e-Government system.Lastly, we conclude the paper with extensive performance evaluation.

AB - Electronic documents are an important part of a business workflow. To assure the integrity, authenticity, and non-repudiation of those documents, both public and private sectors use qualified electronic signatures to sign PDF files. Benefits of the resulting qualified PDF signing are widely recognized, and there are many desktop and web applications used to sign PDFs. Those applications usually require additional hardware, such as smartphones, or smart cards, to assure a multi-factor authentication in the signing process. However, the prevalence of mobile devices in everyday life posed a need for public services, which can be executed on a single mobile device. In this paper, we develop a user-friendly and privacy-preserving framework for qualified PDF signing on mobile devices. We show the feasibility of our framework by implementing allnecessary components: the PDF processing application, the Trust Service Provider server-side, and clientside application. The main focus of these components is to preserve the privacy of users and to meet user expectations regarding the functionalities of PDF signing applications. Furthermore, we demonstrate thepractical applicability of our solution by integrating it into the productive Austrian e-Government system.Lastly, we conclude the paper with extensive performance evaluation.

KW - PDF Signature App

KW - Qualified Electronic Signatures

U2 - 10.5220/0009821303300339

DO - 10.5220/0009821303300339

M3 - Conference paper

SP - 330

EP - 339

BT - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications -SECRYPT

PB - SciTePress - Science and Technology Publications

T2 - 17th International Conference on Security and Cryptography

Y2 - 8 July 2020 through 10 July 2020

ER -

Signatures to Go: A Framework for Qualified PDF Signing on Mobile Devices

Abstract

Konferenz

Zugriff auf Dokument

Fingerprint

Projekte

E-Government Innovationszentrum - EGIZ - E-Government Innovationszentrum (EGIZ)

Dieses zitieren