Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers
The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive....
| Main Authors: | , , |
|---|---|
| Format: | Working Paper |
| Language: | English en_US |
| Published: |
World Bank, Washington, DC
2014
|
| Subjects: | |
| Online Access: | http://documents.worldbank.org/curated/en/2004/12/20165808/authentication-digital-signatures-e-law-security-guide-legislators-managers http://hdl.handle.net/10986/20214 |
| id |
okr-10986-20214 |
|---|---|
| recordtype |
oai_dc |
| repository_type |
Digital Repository |
| institution_category |
Foreign Institution |
| institution |
Digital Repositories |
| building |
World Bank Open Knowledge Repository |
| collection |
World Bank |
| language |
English en_US |
| topic |
ACCESS CONTROLS ACTION PLAN APPROPRIATE TECHNOLOGY ASSIGNMENT OF LIABILITY ASYMMETRIC ALGORITHMS ASYMMETRIC CRYPTOGRAPHY ASYMMETRIC ENCRYPTION ASYMMETRIC KEY AUTHENTICATION AUTHENTICATION MECHANISMS AUTHENTICATION TECHNIQUES B2B B2C BACKBONE BIOMETRICS BROWSERS BUSINESS INTERACTIONS BUSINESS MODEL BUSINESS MODELS BUSINESS RELATIONSHIP BUSINESS-TO-BUSINESS BUSINESS-TO-BUSINESS TRANSACTIONS BUSINESS-TO-GOVERNMENT BUSINESSES BUYER CAPABILITIES CAPABILITY CERTIFICATE CERTIFICATE AUTHORITY CERTIFICATE REVOCATION CERTIFICATION AUTHORITIES CERTIFICATION AUTHORITY CIPHER CIPHER-TEXT COMMERCIAL ACTIVITIES COMMERCIAL TRANSACTIONS COMMUNICATIONS TECHNOLOGY COMPUTER CRIME CONFIDENTIAL INFORMATION CONFIDENTIALITY CONSUMER PROTECTION COPYRIGHT CREDIT CARD CREDIT CARD FEES CREDIT CARD HOLDERS CREDIT CARDS CRYPTOGRAPHIC ALGORITHM CRYPTOGRAPHIC KEYS CRYPTOGRAPHY CUSTOM CUSTOMS DECRYPTION DECRYPTION KEY DEVELOPMENT OF ECOMMERCE DIGITAL CERTIFICATE DIGITAL CERTIFICATES DIGITAL DOCUMENT DIGITAL DOCUMENTS DIGITAL SIGNATURE DIGITAL SIGNATURES DISCLOSURE DOMAIN DUE DILIGENCE E- PROCUREMENT E-BUSINESS E-COMMERCE E-COMMERCE DEVELOPMENT E-COMMERCE ENVIRONMENT E-COMMERCE LEGAL FRAMEWORK E-GOVERNMENT E-PROCUREMENT E-SERVICE E-SERVICES E-SIGNATURE E-SIGNATURES E-TRANSACTIONS EBUSINESS ECOMMERCE ECOMMERCE LEGISLATION ELECTRONIC COMMERCE ELECTRONIC COMMERCE TRANSACTIONS ELECTRONIC DATA ELECTRONIC DOCUMENT ELECTRONIC DOCUMENTS ELECTRONIC FORM ELECTRONIC MAIL ELECTRONIC MEDIUM ELECTRONIC MESSAGE ELECTRONIC MESSAGES ELECTRONIC SIGNATURE ELECTRONIC SIGNATURE LAW ELECTRONIC SIGNATURE LAWS ELECTRONIC SIGNATURES ELECTRONIC SOFTWARE ELECTRONIC TRANSACTION ELECTRONIC TRANSACTIONS ELECTRONIC TRANSFER EMAILS ENCRYPTION ENCRYPTION KEY ENCRYPTION TECHNOLOGY EQUIPMENT ESIGNATURE FAXES FINGERPRINT FRONT-END GENERAL PUBLIC GOVERNMENT CONTRACT HANDWRITTEN SIGNATURE HANDWRITTEN SIGNATURES HARD COPY HARDWARE HARMONIZATION HASH HASH FUNCTION HASH RESULT HASH RESULTS ID IMPLEMENTATIONS INFORMATION EXCHANGE INFORMATION SECURITY INTENDED RECIPIENT INTENDED RECIPIENTS INTERNATIONAL STANDARDS INTERNATIONAL TRADE INTEROPERABILITY KEY EXCHANGE KEY MANAGEMENT LAWS ON E-COMMERCE LEGAL ENVIRONMENT LEGAL FRAMEWORKS LEGAL STATUS LEGAL SYSTEM LICENSES MANAGEMENT OF RISK MANAGEMENT PROTOCOLS MANAGEMENT SOFTWARE MANAGEMENT SYSTEM MANUFACTURING MARKETING MATERIAL NETWORKS NEW TECHNOLOGY NON REPUDIATION NON-REPUDIATION NOTARIZATION OBSTACLES TO E-COMMERCE ONLINE ENVIRONMENT OPERATING SYSTEMS PASSWORD PASSWORDS PHYSICAL ACCESS PHYSICAL PRESENCE PHYSICAL STORES PKI PRIVACY PRIVACY PROTECTION PRIVATE KEY PRIVATE KEYS PRIVATE SECTOR PROCUREMENT PROTOCOLS PUBLIC ADMINISTRATION PUBLIC KEY PUBLIC KEY CRYPTOGRAPHY PUBLIC KEY ENCRYPTION PUBLIC KEY INFRASTRUCTURE PUBLIC KEYS REGISTRY REGULATORY ENVIRONMENT REGULATORY FRAMEWORK RELATIONSHIP MANAGEMENT RELIABILITY RESULT RESULTS RISK MANAGEMENT SALE OF GOODS SECRET KEY SECURITY LEVEL SECURITY MANAGEMENT SECURITY OBJECTIVES SECURITY REQUIREMENTS SECURITY RISK SECURITY SECURITY SENSITIVITY OF INFORMATION SERIAL NUMBER SERVER SERVICE PROVIDER SERVICE PROVIDERS SIGNATURE GENERATION SMART CARDS SOFTWARE APPLICATION SOFTWARE APPLICATIONS SYMMETRIC ENCRYPTION SYMMETRIC KEY SYMMETRIC KEY CRYPTOGRAPHY SYMMETRIC KEY ENCRYPTION SYMMETRIC KEYS SYSTEM WEAKNESSES TECHNICAL SUPPORTS TECHNOLOGICAL CAPABILITIES TELEPHONE TIME STAMP TRADITIONAL BUSINESS TRANSACTION TRANSMISSION TRANSMISSION OF INFORMATION TRANSMISSION SECURITY TRANSMISSIONS TRUST RELATIONSHIPS UNIQUE IDENTIFIER USER USER IDENTITIES USERS USES VERIFICATION VIDEO WEB |
| spellingShingle |
ACCESS CONTROLS ACTION PLAN APPROPRIATE TECHNOLOGY ASSIGNMENT OF LIABILITY ASYMMETRIC ALGORITHMS ASYMMETRIC CRYPTOGRAPHY ASYMMETRIC ENCRYPTION ASYMMETRIC KEY AUTHENTICATION AUTHENTICATION MECHANISMS AUTHENTICATION TECHNIQUES B2B B2C BACKBONE BIOMETRICS BROWSERS BUSINESS INTERACTIONS BUSINESS MODEL BUSINESS MODELS BUSINESS RELATIONSHIP BUSINESS-TO-BUSINESS BUSINESS-TO-BUSINESS TRANSACTIONS BUSINESS-TO-GOVERNMENT BUSINESSES BUYER CAPABILITIES CAPABILITY CERTIFICATE CERTIFICATE AUTHORITY CERTIFICATE REVOCATION CERTIFICATION AUTHORITIES CERTIFICATION AUTHORITY CIPHER CIPHER-TEXT COMMERCIAL ACTIVITIES COMMERCIAL TRANSACTIONS COMMUNICATIONS TECHNOLOGY COMPUTER CRIME CONFIDENTIAL INFORMATION CONFIDENTIALITY CONSUMER PROTECTION COPYRIGHT CREDIT CARD CREDIT CARD FEES CREDIT CARD HOLDERS CREDIT CARDS CRYPTOGRAPHIC ALGORITHM CRYPTOGRAPHIC KEYS CRYPTOGRAPHY CUSTOM CUSTOMS DECRYPTION DECRYPTION KEY DEVELOPMENT OF ECOMMERCE DIGITAL CERTIFICATE DIGITAL CERTIFICATES DIGITAL DOCUMENT DIGITAL DOCUMENTS DIGITAL SIGNATURE DIGITAL SIGNATURES DISCLOSURE DOMAIN DUE DILIGENCE E- PROCUREMENT E-BUSINESS E-COMMERCE E-COMMERCE DEVELOPMENT E-COMMERCE ENVIRONMENT E-COMMERCE LEGAL FRAMEWORK E-GOVERNMENT E-PROCUREMENT E-SERVICE E-SERVICES E-SIGNATURE E-SIGNATURES E-TRANSACTIONS EBUSINESS ECOMMERCE ECOMMERCE LEGISLATION ELECTRONIC COMMERCE ELECTRONIC COMMERCE TRANSACTIONS ELECTRONIC DATA ELECTRONIC DOCUMENT ELECTRONIC DOCUMENTS ELECTRONIC FORM ELECTRONIC MAIL ELECTRONIC MEDIUM ELECTRONIC MESSAGE ELECTRONIC MESSAGES ELECTRONIC SIGNATURE ELECTRONIC SIGNATURE LAW ELECTRONIC SIGNATURE LAWS ELECTRONIC SIGNATURES ELECTRONIC SOFTWARE ELECTRONIC TRANSACTION ELECTRONIC TRANSACTIONS ELECTRONIC TRANSFER EMAILS ENCRYPTION ENCRYPTION KEY ENCRYPTION TECHNOLOGY EQUIPMENT ESIGNATURE FAXES FINGERPRINT FRONT-END GENERAL PUBLIC GOVERNMENT CONTRACT HANDWRITTEN SIGNATURE HANDWRITTEN SIGNATURES HARD COPY HARDWARE HARMONIZATION HASH HASH FUNCTION HASH RESULT HASH RESULTS ID IMPLEMENTATIONS INFORMATION EXCHANGE INFORMATION SECURITY INTENDED RECIPIENT INTENDED RECIPIENTS INTERNATIONAL STANDARDS INTERNATIONAL TRADE INTEROPERABILITY KEY EXCHANGE KEY MANAGEMENT LAWS ON E-COMMERCE LEGAL ENVIRONMENT LEGAL FRAMEWORKS LEGAL STATUS LEGAL SYSTEM LICENSES MANAGEMENT OF RISK MANAGEMENT PROTOCOLS MANAGEMENT SOFTWARE MANAGEMENT SYSTEM MANUFACTURING MARKETING MATERIAL NETWORKS NEW TECHNOLOGY NON REPUDIATION NON-REPUDIATION NOTARIZATION OBSTACLES TO E-COMMERCE ONLINE ENVIRONMENT OPERATING SYSTEMS PASSWORD PASSWORDS PHYSICAL ACCESS PHYSICAL PRESENCE PHYSICAL STORES PKI PRIVACY PRIVACY PROTECTION PRIVATE KEY PRIVATE KEYS PRIVATE SECTOR PROCUREMENT PROTOCOLS PUBLIC ADMINISTRATION PUBLIC KEY PUBLIC KEY CRYPTOGRAPHY PUBLIC KEY ENCRYPTION PUBLIC KEY INFRASTRUCTURE PUBLIC KEYS REGISTRY REGULATORY ENVIRONMENT REGULATORY FRAMEWORK RELATIONSHIP MANAGEMENT RELIABILITY RESULT RESULTS RISK MANAGEMENT SALE OF GOODS SECRET KEY SECURITY LEVEL SECURITY MANAGEMENT SECURITY OBJECTIVES SECURITY REQUIREMENTS SECURITY RISK SECURITY SECURITY SENSITIVITY OF INFORMATION SERIAL NUMBER SERVER SERVICE PROVIDER SERVICE PROVIDERS SIGNATURE GENERATION SMART CARDS SOFTWARE APPLICATION SOFTWARE APPLICATIONS SYMMETRIC ENCRYPTION SYMMETRIC KEY SYMMETRIC KEY CRYPTOGRAPHY SYMMETRIC KEY ENCRYPTION SYMMETRIC KEYS SYSTEM WEAKNESSES TECHNICAL SUPPORTS TECHNOLOGICAL CAPABILITIES TELEPHONE TIME STAMP TRADITIONAL BUSINESS TRANSACTION TRANSMISSION TRANSMISSION OF INFORMATION TRANSMISSION SECURITY TRANSMISSIONS TRUST RELATIONSHIPS UNIQUE IDENTIFIER USER USER IDENTITIES USERS USES VERIFICATION VIDEO WEB Asian Development Bank Inter-American Development Bank World Bank Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers |
| description |
The concept of authentication has
been around for a long time in many forms. For example due
diligence in commerce has traditionally been formalized to
determine whether the data presented in commercial
propositions are accurate and comprehensive. With the
emergence of e-commerce the concept of authentication has
encompassed new realities that are a feature of the
relatively narrow avenues for information and potentially
high risks inherent in an online environment. This paper
seeks to provide an understanding about the different ways
of assuring authentication. These authentication rules and
tools including for example public key infrastructure (PKI)
are sometimes meant to set a legal and technological
framework for trustworthy electronic transactions, promoting
e-procurement, e-commerce, e-business, and e-government. The
two considerations of business risk and legal validity are
both intrinsic to the concept of authentication. This report
explores the issues and solutions affecting the concept of
authentication in terms of legislation, management and
technology. This report finds that for online authentication
things is not always what they may seem and that legislation
and technology alone cannot build a trust environment and,
if misunderstood, may produce a high risk illusion. It is
crucial that the limitations and fallibility of the
technology be explicit in its commercial applications and
that business risks be managed accordingly. |
| format |
Publications & Research :: Working Paper |
| author |
Asian Development Bank Inter-American Development Bank World Bank |
| author_facet |
Asian Development Bank Inter-American Development Bank World Bank |
| author_sort |
Asian Development Bank |
| title |
Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers |
| title_short |
Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers |
| title_full |
Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers |
| title_fullStr |
Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers |
| title_full_unstemmed |
Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers |
| title_sort |
authentication and digital signatures in e-law and security : a guide for legislators and managers |
| publisher |
World Bank, Washington, DC |
| publishDate |
2014 |
| url |
http://documents.worldbank.org/curated/en/2004/12/20165808/authentication-digital-signatures-e-law-security-guide-legislators-managers http://hdl.handle.net/10986/20214 |
| _version_ |
1764444820978270208 |
| spelling |
okr-10986-202142021-04-23T14:03:54Z Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers Asian Development Bank Inter-American Development Bank World Bank ACCESS CONTROLS ACTION PLAN APPROPRIATE TECHNOLOGY ASSIGNMENT OF LIABILITY ASYMMETRIC ALGORITHMS ASYMMETRIC CRYPTOGRAPHY ASYMMETRIC ENCRYPTION ASYMMETRIC KEY AUTHENTICATION AUTHENTICATION MECHANISMS AUTHENTICATION TECHNIQUES B2B B2C BACKBONE BIOMETRICS BROWSERS BUSINESS INTERACTIONS BUSINESS MODEL BUSINESS MODELS BUSINESS RELATIONSHIP BUSINESS-TO-BUSINESS BUSINESS-TO-BUSINESS TRANSACTIONS BUSINESS-TO-GOVERNMENT BUSINESSES BUYER CAPABILITIES CAPABILITY CERTIFICATE CERTIFICATE AUTHORITY CERTIFICATE REVOCATION CERTIFICATION AUTHORITIES CERTIFICATION AUTHORITY CIPHER CIPHER-TEXT COMMERCIAL ACTIVITIES COMMERCIAL TRANSACTIONS COMMUNICATIONS TECHNOLOGY COMPUTER CRIME CONFIDENTIAL INFORMATION CONFIDENTIALITY CONSUMER PROTECTION COPYRIGHT CREDIT CARD CREDIT CARD FEES CREDIT CARD HOLDERS CREDIT CARDS CRYPTOGRAPHIC ALGORITHM CRYPTOGRAPHIC KEYS CRYPTOGRAPHY CUSTOM CUSTOMS DECRYPTION DECRYPTION KEY DEVELOPMENT OF ECOMMERCE DIGITAL CERTIFICATE DIGITAL CERTIFICATES DIGITAL DOCUMENT DIGITAL DOCUMENTS DIGITAL SIGNATURE DIGITAL SIGNATURES DISCLOSURE DOMAIN DUE DILIGENCE E- PROCUREMENT E-BUSINESS E-COMMERCE E-COMMERCE DEVELOPMENT E-COMMERCE ENVIRONMENT E-COMMERCE LEGAL FRAMEWORK E-GOVERNMENT E-MAIL E-PROCUREMENT E-SERVICE E-SERVICES E-SIGNATURE E-SIGNATURES E-TRANSACTIONS EBUSINESS ECOMMERCE ECOMMERCE LEGISLATION ELECTRONIC COMMERCE ELECTRONIC COMMERCE TRANSACTIONS ELECTRONIC DATA ELECTRONIC DOCUMENT ELECTRONIC DOCUMENTS ELECTRONIC FORM ELECTRONIC MAIL ELECTRONIC MEDIUM ELECTRONIC MESSAGE ELECTRONIC MESSAGES ELECTRONIC SIGNATURE ELECTRONIC SIGNATURE LAW ELECTRONIC SIGNATURE LAWS ELECTRONIC SIGNATURES ELECTRONIC SOFTWARE ELECTRONIC TRANSACTION ELECTRONIC TRANSACTIONS ELECTRONIC TRANSFER EMAILS ENCRYPTION ENCRYPTION KEY ENCRYPTION TECHNOLOGY EQUIPMENT ESIGNATURE FAXES FINGERPRINT FRONT-END GENERAL PUBLIC GOVERNMENT CONTRACT HANDWRITTEN SIGNATURE HANDWRITTEN SIGNATURES HARD COPY HARDWARE HARMONIZATION HASH HASH FUNCTION HASH RESULT HASH RESULTS ID IMPLEMENTATIONS INFORMATION EXCHANGE INFORMATION SECURITY INTENDED RECIPIENT INTENDED RECIPIENTS INTERNATIONAL STANDARDS INTERNATIONAL TRADE INTEROPERABILITY KEY EXCHANGE KEY MANAGEMENT LAWS ON E-COMMERCE LEGAL ENVIRONMENT LEGAL FRAMEWORKS LEGAL STATUS LEGAL SYSTEM LICENSES MANAGEMENT OF RISK MANAGEMENT PROTOCOLS MANAGEMENT SOFTWARE MANAGEMENT SYSTEM MANUFACTURING MARKETING MATERIAL NETWORKS NEW TECHNOLOGY NON REPUDIATION NON-REPUDIATION NOTARIZATION OBSTACLES TO E-COMMERCE ONLINE ENVIRONMENT OPERATING SYSTEMS PASSWORD PASSWORDS PHYSICAL ACCESS PHYSICAL PRESENCE PHYSICAL STORES PKI PRIVACY PRIVACY PROTECTION PRIVATE KEY PRIVATE KEYS PRIVATE SECTOR PROCUREMENT PROTOCOLS PUBLIC ADMINISTRATION PUBLIC KEY PUBLIC KEY CRYPTOGRAPHY PUBLIC KEY ENCRYPTION PUBLIC KEY INFRASTRUCTURE PUBLIC KEYS REGISTRY REGULATORY ENVIRONMENT REGULATORY FRAMEWORK RELATIONSHIP MANAGEMENT RELIABILITY RESULT RESULTS RISK MANAGEMENT SALE OF GOODS SECRET KEY SECURITY LEVEL SECURITY MANAGEMENT SECURITY OBJECTIVES SECURITY REQUIREMENTS SECURITY RISK SECURITY SECURITY SENSITIVITY OF INFORMATION SERIAL NUMBER SERVER SERVICE PROVIDER SERVICE PROVIDERS SIGNATURE GENERATION SMART CARDS SOFTWARE APPLICATION SOFTWARE APPLICATIONS SYMMETRIC ENCRYPTION SYMMETRIC KEY SYMMETRIC KEY CRYPTOGRAPHY SYMMETRIC KEY ENCRYPTION SYMMETRIC KEYS SYSTEM WEAKNESSES TECHNICAL SUPPORTS TECHNOLOGICAL CAPABILITIES TELEPHONE TIME STAMP TRADITIONAL BUSINESS TRANSACTION TRANSMISSION TRANSMISSION OF INFORMATION TRANSMISSION SECURITY TRANSMISSIONS TRUST RELATIONSHIPS UNIQUE IDENTIFIER USER USER IDENTITIES USERS USES VERIFICATION VIDEO WEB The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive. With the emergence of e-commerce the concept of authentication has encompassed new realities that are a feature of the relatively narrow avenues for information and potentially high risks inherent in an online environment. This paper seeks to provide an understanding about the different ways of assuring authentication. These authentication rules and tools including for example public key infrastructure (PKI) are sometimes meant to set a legal and technological framework for trustworthy electronic transactions, promoting e-procurement, e-commerce, e-business, and e-government. The two considerations of business risk and legal validity are both intrinsic to the concept of authentication. This report explores the issues and solutions affecting the concept of authentication in terms of legislation, management and technology. This report finds that for online authentication things is not always what they may seem and that legislation and technology alone cannot build a trust environment and, if misunderstood, may produce a high risk illusion. It is crucial that the limitations and fallibility of the technology be explicit in its commercial applications and that business risks be managed accordingly. 2014-09-17T18:57:28Z 2014-09-17T18:57:28Z 2004-12 http://documents.worldbank.org/curated/en/2004/12/20165808/authentication-digital-signatures-e-law-security-guide-legislators-managers http://hdl.handle.net/10986/20214 English en_US CC BY 3.0 IGO http://creativecommons.org/licenses/by/3.0/igo/ World Bank, Washington, DC Publications & Research :: Working Paper Publications & Research |