Upload
morgan-rodgers
View
215
Download
1
Embed Size (px)
Citation preview
Digital Signatures to support Trust
Ronny BjonesSecurity ArchitectMicrosoft Corporate
www.oasis-open.org
Digital Signatures Scenarios Code Signing Integrity/Trust on a protocol level – many time
invisible Document signing (qualified or not) Form signing Claim-based Applications
Support Trust in Code Code Signing
ActiveX Kernel Drivers .Net Apps
Apps have an identity
Software Restriction Policies
Support Trust in Protocols SSL/TLS Client authentication s/mime signing
IPSec (IKE) Kerberos PKINIT …
Support Trust in Documents Signing contract
Office Signature XPS (XML Paper Specification) - WSIWYS
Patent requests
Support Trust in Workflows XML Signatures (Embedded Signatures)
Document types don’t change in the workflow after signature XAdES
Server side
Support Trust in Authentication & Authorization Claim-based Applications Identity Metasystem Authentication/Authorization become
policy-decisions
QuEST
Qualified Electronic Signatures Tutorial
Demystify Qualified Electronic signatures Best practice/guidance for designing a
Qualified Electronic signature solution
http://tinyurl.com/8428q
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be
interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.