1
Implementation of ERS by Fraunhofer SITImplementation of ERS by Fraunhofer SIT
Michael Herfert, Fraunhofer-Institute for Secure Information Technology (SIT),Rheinstrasse 75, 64295 Darmstadt, GermanyTel. +49 6151 869 329, [email protected]
2
2001: 2001: ArchiArchiSigSig
2001 German ministry of work (BMWA) sponsors ArchiSig
h1 = h (Dok1)
Dok2 …
h2 = h(Dok2)
Dok1 Dok3 Dok4
h4=h(Dok4)h3 = h(Dok3)
h5 = h(h1|h2) h6 = h(h3|h4)
h7 = h(h5|h6)
TS1 = TimeStamp(h7)
T. Gondrom (Opentext), R. Brandner (InterComponentWare) andU. Pordesch (Fraunhofer SIT) initiate: Evidence Record Syntax (ERS)
3
2004: 2004: ArchiArchiSoftSoft
2001 German ministry of work (BMWA) sponsors ArchiSig
2004Fraunhofer SIT developes ArchiSoft
VerificationClient (Browser)
ArchiSoftServer
Admin-Tool
DMS-Client
DMS-Server
PKI-Services DB
JDBC
TASP
TASP
TASP-Plugin
TASPDMS-ProtocollTSP
LDAP,OCSP
9 312
6
12
3
VerificationClient (Browser)
ArchiSoftServer
Admin-Tool
DMS-Client
DMS-Server
PKI-Services DB
JDBC
TASP
TASP
TASP-Plugin
TASPDMS-ProtocollTSP
LDAP,OCSP
9 312
69 312
6
12
3
ArchiSoft generates Evidence Records
ArchiSoft works with every DMS
4
2004: 2004: ArchiArchiSoft (continued) Soft (continued)
TASP = Trusted Archive Service Protocol (simplicity!)
TSP = Time Stamp Protocol (RFC 3161)
JDBC = Java Database Connectivity
DB = Data base of DMS
Fundamentals:
• DMS client is not modified• DMS server sends ONE
message to ArchiSoft: „please notice: there is a new document“
• The DMS asks for the document when ArchiSoft builds the hash tree
• The DMS can „forget“ any problems of signature renewal, because everything is managed by ArchiSoft
• The document can be verified any time in future
1
2
3
VerificationClient (Browser)
ArchiSoftServer
Admin-Tool
DMS-Client
DMS-Server
PKI-Services DB
JDBC
TASP
TASP
TASP-Plugin
TASPDMS-ProtocollTSP
LDAP,OCSP
9 312
6
12
3
Interoperability: OpenText and Fraunhofer SIT have a common understanding of ERS
5
2005: OPENLiMit gets certified2005: OPENLiMit gets certified
Company based in Switzerland
2001 German ministry of work (BMWA) sponsors ArchiSig
2004Fraunhofer SIT developes ArchiSoft
2005OPENLiMit SignCubes gets certifified for their signature software
develops electronic signature software
6
2005: PTB developes 2005: PTB developes ArchiArchiSafeSafe
2001 German ministry of work (BMWA) sponsors ArchiSig
2004Fraunhofer SIT developes ArchiSoft
2005OPENLiMit SignCubes gets certifified for their signature software
2005
PTB developes the ArchiSafe concept
ArchiSafe creates an XML container for every document
ArchiSafe is very important for the german government
7
2007: OPENLiMit ArchiSoft2007: OPENLiMit ArchiSoft
OPENLiMit ArchiSoft =
ArchiSoft (based on ArchiSig)
+ ArchiSafe
+ OPENLiMit certified software components
OPENLiMit ArchiSoft is important for the
german government
2001 German ministry of work (BMWA) sponsors ArchiSig
2004Fraunhofer SIT developes ArchiSoft
2005OPENLiMit SignCubes gets certifified for their signature software
2005
PTB developes the ArchiSafe concept
2007-2-28OPENLiMit and SIT announce OPENLiMit ArchiSoft
2007-3-15 Prototyp at
8
About Fraunhofer Institute for About Fraunhofer Institute for SSecure ecure IInformation nformation TTechnologyechnology
• Consultancy, independent from any
company
• Security Academy
• Technology studies
• Integration of security into existing
systems
• Development of new security solutions
• Modelling of business processesHead: Prof. Claudia Eckert
SIT offers
Rheinstreet 75, Darmstadt
100 persons80 scientistsbudget: 9,75 Mio Euro
Top Related