A Comprehensive and Privacy-Aware Approach for Remote Qualified Electronic Signatures

The current shift towards digital transactions emphasizes the need for robust Qualified Electronic Signature (QES) frameworks that safeguard integrity and privacy. Having the potential to become the leading type of adopted QES, the main challenge that Remote QESs present to end users is choosing bet...

Full description

Saved in:
Bibliographic Details
Published in:Electronics (Basel) 2024-02, Vol.13 (4), p.757
Main Authors: Aciobăniței, Iulian, Arseni, Ștefan-Ciprian, Bureacă, Emil, Togan, Mihai
Format: Article
Language:English
Subjects:
Analysis
Blockchain
Confidential communications
Data integrity
Data security
Digital signatures
Digitization
Documents
Electronic signatures
End users
Interoperability
Legislation
Libraries
Methods
Privacy
Protocol
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The current shift towards digital transactions emphasizes the need for robust Qualified Electronic Signature (QES) frameworks that safeguard integrity and privacy. Having the potential to become the leading type of adopted QES, the main challenge that Remote QESs present to end users is choosing between transmitting the entire document or only its digest to the Trust Service Provider (TSP). The first option compromises the document’s confidentiality, while the second one requires the development of signature applications compliant with advanced signature formats, a task that often needs additional time and resources. In this paper, we introduce a comprehensive strategy for remote QESs, designed for seamless integration with current client applications, while simultaneously maintaining user privacy. The main topics approached in this paper are the following: a comprehensive architecture for privacy-aware remote QES systems, relevant standards and legislation, integration scenarios for clients, and remote QES standard protocols to assure communication between client and TSP environments. Furthermore, we also explore the integration of our proposed solution with an enhanced long-term preservation service that uses Ethereum smart contracts and methodologies to implement signature applications with advanced electronic signatures via open-source libraries while ensuring document privacy. The main result of this work is a flexible on-premise module that provides the ability to sign, validate, and preserve documents, with a minimal integration effort.
ISSN:2079-9292
2079-9292
DOI:10.3390/electronics13040757