A Sustainable Architecture for Secure and Usable Mobile Signature Solutions

  • Conference paper
Web Information Systems and Technologies (WEBIST 2015)

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 246)

Abstract

Electronic signatures are a crucial building block of transactional e-services. This especially applies to the European Union, where so-called qualified electronic signatures are legally equivalent to their handwritten counterparts. For many years, signature solutions, which enable users to create electronic signatures, have been designed for classical end-user devices such as desktop computers or laptops. In most cases, these solutions cannot be easily applied on mobile end-user devices such as smartphones or tablet computers, due to the special characteristics of these devices. This complicates the use of transactional e-services on mobile devices and excludes a growing number of users who prefer mobile access to services. To tackle this problem, this paper provides a basis for mobile signature solutions that are compatible with and applicable on mobile end-user devices. Possible architectures for these solutions are first systematically derived from an abstract model. Then, the best alternative is determined by means of systematic assessments. In particular, the aspects of security and usability are considered in detail. This finally yields an implementation-independent and technology-agnostic architecture that can be used as a basis for concrete implementations. By keeping the proposed solution on a rather abstract architectural level, its validity is assured even if available mobile technologies and the current state of the art change. This way, the proposed architecture represents a sustainable basis for future mobile signature solutions and paves the way for transactional e-services on mobile end-user devices.

Author information

Correspondence to Thomas Zefferer.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Zefferer, T. (2016). A Sustainable Architecture for Secure and Usable Mobile Signature Solutions. In: Monfort, V., Krempels, KH., Majchrzak, T.A., Turk, Ž. (eds) Web Information Systems and Technologies. WEBIST 2015. Lecture Notes in Business Information Processing, vol 246. Springer, Cham. https://doi.org/10.1007/978-3-319-30996-5_17

  • DOI: https://doi.org/10.1007/978-3-319-30996-5_17

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30995-8

  • Online ISBN: 978-3-319-30996-5

  • eBook Packages: Computer Science, Computer Science (R0)
