On the Availability and Effectiveness of Open Source Software for Digital Signing of PDF Documents

  • Jonas Gamalielsson
  • Fredrik Jakobsson
  • Björn Lundell
  • Jonas Feist
  • Tomas Gustavsson
  • Fredric Landqvist
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 451)

Abstract

Digital signatures are important in order to ensure the integrity and authenticity of information communicated over the Internet involving different stakeholders within and beyond the borders of different nations. The topic has gained increased interest in the European context and there is legislation and project initiatives aiming to facilitate use and standardisation of digital signatures. Open standards and open source implementations of open standards are important means for the interoperability and long-term maintenance of software systems implementing digital signatures. In this paper we report from a study aiming to establish the availability and effectiveness of software provided under an open source license for digital signing and validation of PDF documents. Specifically, we characterise the use of digital signatures in Swedish Governmental agencies, report on the interoperability of open source and proprietary licensed software for digital signatures in PDF documents, and establish the effectiveness of software provided under an open source license for validation of digital signatures in PDF documents.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adobe.com: PDF Reference – Adobe Portable Document Format, Version 1.7 (2006). www.adobe.com/content/dam/Adobe/en/devnet/pdf/pdfs/pdf_reference_1-7.pdf (accessed January 5, 2015)
  2. Adobe.com: Acrobat XI Pro (2015). http://www.adobe.com/products/acrobatpro.html (accessed January 5, 2015)
  3. Apache.org: Apache PDFBox – A Java PDF Library (2015). https://pdfbox.apache.org/ (accessed January 5, 2015)
  4. Bird, G.B.: The Business Benefit of Standards. StandardView 6(2), 76–80 (1998)CrossRefMathSciNetGoogle Scholar
  5. Bouncycastle.org: The Legion of the Bouncy Castle (2015). https://www.bouncycastle.org/ (accessed January 5, 2015)
  6. EC: DIRECTIVE 1999/93/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on a Community framework for electronic signatures. Official Journal of the European Union, L13/12, December 13, 1999Google Scholar
  7. EC: Commission decision on the publication of reference numbers of generally recognised standards for electronic signature products in accordance with Directive 1999/93/EC of the European Parliament and of the Council. Official Journal of the European Union, L175/45, July 14, 2003Google Scholar
  8. EC: REGULATION (EU) NO 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. Official Journal of the European Union, L257/73, July 23, 2014Google Scholar
  9. E-signatures-standards.eu: e-signatures standards – making e-signatures easy (2013). http://www.e-signatures-standards.eu/ (accessed January 5, 2015)
  10. Ghosh, R.A.: Open Standards and Interoperability Report: An Economic Basis for Open Standards. FLOSSPOLS, Deliverable D4, Maastricht, December 12, 2005. www.flosspols.org
  11. ISO: Document management – Electronic document file format for long-term preservation – Part 1: Use of PDF 1.4 (PDF/A-1). ISO/TC 171/SC 2, ISO 19005-1:2005 (2005)Google Scholar
  12. ISO: Document management – Portable document format – Part 1: PDF 1.7. ISO/TC 171/SC 2, ISO 32000-1:2008 (2008)Google Scholar
  13. Itextpdf.com: iText – Programmable PDF Software (2015). http://itextpdf.com/ (accessed January 5, 2015)
  14. Joinup.eu: Digital Signature Service (2011). https://joinup.ec.europa.eu/asset/sd-dss/description (accessed January 5, 2015)
  15. Kaur, R., Kaur, A.: Digital signature. In: Proceedings of the International Conference on Computing Sciences, ICCS 2012, September 14-15, pp. 205–301 (2012). doi: 10.1109/ICCS.2012.25
  16. Lowagie, B.: Digital Signatures for PDF documents (2013). http://itextpdf.com/book/digitalsignatures20130304.pdf (accessed January 5, 2015)
  17. Lundell, B.: Why do we need open standards? In: Orviska, M., Jakobs, K. (eds.) Proceedings 17th EURAS Annual Standardisation Conference ‘Standards and Innovation’. The EURAS Board Series, Aachen, pp. 227–240 (2012) ISBN: 978-3-86130-337-4Google Scholar
  18. Lundell, B., Lings, B., Syberfeldt, A.: Practitioner perceptions of Open Source software in the embedded systems area. Journal of Systems and Software 84(9), 1540–1549 (2011)CrossRefGoogle Scholar
  19. Roy, A., Karforma, S.: A survey on digital signatures and its applications. Journal of Comper and Information Technology (IJCIT) 3, 45–69 (2012)Google Scholar
  20. SFS: Lag om kvalificerade elektroniska signaturer. Statens författningssamling, SFS 2000:832, November 2, 2000Google Scholar
  21. Signserver.org: SignServer – PKI by PrimeKey (2015). http://www.signserver.org/ (accessed January 5, 2015)
  22. UK: Open Standards Principles: For software interoperability, data and document formats in government IT specifications. Cabinet Office, UK (November 1, 2012)Google Scholar
  23. WEF: The Global Information Technology Report 2014, World Economic Forum, Geneva (2014) ISBN-13: 978-92-95044-63-0Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2015

Authors and Affiliations

  • Jonas Gamalielsson
    • 1
  • Fredrik Jakobsson
    • 1
  • Björn Lundell
    • 1
  • Jonas Feist
    • 2
  • Tomas Gustavsson
    • 3
  • Fredric Landqvist
    • 4
  1. 1.University of SkövdeSkövdeSweden
  2. 2.RedBridge ABKistaSweden
  3. 3.PrimeKey Solutions ABSolnaSweden
  4. 4.Findwise ABGöteborgSweden

Personalised recommendations