|
Secure Signature Creation Device
A secure signature creation device (SSCD) is a specific type of computer hardware or software that is used in creating an electronic signature. To be put into service as a secure signature creation device, the device must meet the rigorous requirements laid out under Annex II of Regulation (EU) No 910/2014 (eIDAS), where it is referred to as a qualified (electronic) signature creation device (QSCD). Using secure signature creation devices helps in facilitating online business processes that save time and money with transactions made within the public and private sectors. Description The minimum requirements that must be met to elevate an electronic signature creation device to the level of a secure signature creation device are provided in Annex II of eIDAS. Through appropriate procedural and technical means, the device must reasonably assure the confidentiality of the data used to create an electronic signature. It further must ensure that the data used to create an electronic si ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Electronic Signature
An electronic signature, or e-signature, is data that is logically associated with other data and which is used by the signatory to sign the associated data. This type of signature has the same legal standing as a handwritten signature as long as it adheres to the requirements of the specific regulation under which it was created (e.g., eIDAS in the European Union, NIST-DSS in the USA or ZertES in Switzerland). Electronic signatures are a legal concept distinct from digital signatures, a cryptographic mechanism often used to implement electronic signatures. While an electronic signature can be as simple as a name entered in an electronic document, digital signatures are increasingly used in e-commerce and in regulatory filings to implement electronic signatures in a cryptographically protected way. Standardization agencies like NIST or ETSI provide standards for their implementation (e.g., NIST-DSS, XAdES or PAdES). The concept itself is not new, with common law jurisdictions h ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Relevance (law)
Relevance, in the common law of evidence, is the tendency of a given item of evidence to prove or disprove one of the legal elements of the case, or to have probative value to make one of the elements of the case likelier or not. Probative is a term used in law to signify "tending to prove". Probative evidence "seeks the truth". Generally in law, evidence that is not probative (doesn't tend to prove the proposition for which it is proffered) is inadmissible and the rules of evidence permit it to be excluded from a proceeding or stricken from the record "if objected to by opposing counsel". A balancing test may come into the picture if the value of the evidence needs to be weighed versus its prejudicial nature. Under the Federal Rules of Evidence (United States) Until the Federal Rules of Evidence were restyled in 2011, Rule 401 defined relevance as follows: This definition incorporates the requirement that evidence be both material ("of consequence to the determination of the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Signature
A signature (; from la, signare, "to sign") is a handwritten (and often stylized) depiction of someone's name, nickname, or even a simple "X" or other mark that a person writes on documents as a proof of identity and intent. The writer of a signature is a signatory or signer. Similar to a handwritten signature, a signature work describes the work as readily identifying its creator. A signature may be confused with an autograph, which is chiefly an artistic signature. This can lead to confusion when people have both an autograph and signature and as such some people in the public eye keep their signatures private whilst fully publishing their autograph. Function and types The traditional function of a signature is to permanently affix to a document a person's uniquely personal, undeniable self-identification as physical evidence of that person's personal witness and certification of the content of all, or a specified part, of the document. For example, the role of a signatu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Authentication Methods
Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit. Methods Authentication is relevant to multiple fields. In art, antiques, and anthropology, a common problem is verifying that a given artifact was produced by a certain person or in a certain place or period of history. In computer science, verifying a user's identity is often required to allow access to confidential data or systems. Authentication can be considered to be of three types: The first type of auth ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Regulation
Regulation is the management of complex systems according to a set of rules and trends. In systems theory, these types of rules exist in various fields of biology and society, but the term has slightly different meanings according to context. For example: * in biology, gene regulation and metabolic regulation allow living organisms to adapt to their environment and maintain homeostasis; * in government, typically regulation means stipulations of the delegated legislation which is drafted by subject-matter experts to enforce primary legislation; * in business, industry self-regulation occurs through self-regulatory organizations and trade associations which allow industries to set and enforce rules with less government involvement; and, * in psychology, self-regulation theory is the study of how individuals regulate their thoughts and behaviors to reach goals. Social Regulation in the social, political, psychological, and economic domains can take many forms: legal restriction ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Regulation (European Union)
A regulation is a legal act of the European Union that becomes immediately enforceable as law in all member states simultaneously. Regulations can be distinguished from directives which, at least in principle, need to be transposed into national law. Regulations can be adopted by means of a variety of legislative procedures depending on their subject matter. Description The description of regulations can be found in Article 288 of the Treaty on the Functioning of the European Union (formerly Article 249 TEC). Article 288 To exercise the Union's competences, the institutions shall adopt regulations, directives, decisions, recommendations and opinions. A regulation shall have general application. It shall be binding in its entirety and directly applicable in all Member States. A directive shall be binding, as to the result to be achieved, upon each Member State to which it is addressed, but shall leave to the national authorities the choice of form and methods. A decision ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Electronic Signatures Directive
The Electronic Signatures Directive 1999/93/EC was a European Union directive on the use of electronic signatures (e-signatures) in electronic contracts within the European Union (EU). It was repealed by the eIDAS regulation on 1 July 2016. Contents The central provision of the directive is article 5, which requires that electronic signatures are regarded as equivalent to written signatures. Related acts *Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions “Action Plan on e-signatures and e-identification to facilitate the provision of cross-border public services in the Single Market” OM(2008) 798 final – Not published in the Official Journal*Commission report of 15 March 2006 on the operation of Directive 1999/93/EC on a Community framework for electronic signatures OM(2006) 120 final – not published in the Official Journal *Commission Decision 2003/511/EC of 14 J ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Non-repudiation
Non-repudiation refers to a situation where a statement's author cannot successfully dispute its authorship or the validity of an associated contract. The term is often seen in a legal setting when the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated". For example, Mallory buys a cell phone for $100, writes a paper cheque as payment, and signs the cheque with a pen. Later, she finds that she can't afford it, and claims that the cheque is a forgery. The signature guarantees that only Mallory could have signed the cheque, and so Mallory's bank must pay the cheque. This is non-repudiation; Mallory cannot repudiate the cheque. In practice, pen-and-paper signatures aren't hard to forge, but digital signatures can be very hard to break. In security In general, ''non-repudiation'' involves associating actions or changes with a unique individual. For example, a secure area may use a key card access system where non-repudiation ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criteria is a framework in which computer system users can ''specify'' their security ''functional'' and ''assurance'' requirements (SFRs and SARs respectively) in a Security Target (ST), and may be taken from Protection Profiles (PPs). Vendors can then ''implement '' or make claims about the security attributes of their products, and testing laboratories can ''evaluate'' the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use. Common Criteria maintains a list of ce ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
EIDAS
eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation on electronic identification and trust services for electronic transactions in the European Single Market. It was established in EU Regulation 910/2014 of 23 July 2014 on electronic identification and repeals 1999/93/EC from 13 December 1999. It entered into force on 17 September 2014 and applies from 1 July 2016 except for certain articles, which are listed in its Article 52. All organizations delivering public digital services in an EU member state must recognize electronic identification from all EU member states from September 29, 2018. Description eIDAS oversees electronic identification and trust services for electronic transactions in the European Union's internal market. It regulates electronic signatures, electronic transactions, involved bodies, and their embedding processes to provide a safe way for users to conduct business online like electronic funds transfer or transac ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Personal Identification Number
A personal identification number (PIN), or sometimes redundantly a PIN number or PIN code, is a numeric (sometimes alpha-numeric) passcode used in the process of authenticating a user accessing a system. The PIN has been the key to facilitating the private data exchange between different data-processing centers in computer networks for financial institutions, governments, and enterprises. PINs may be used to authenticate banking systems with cardholders, governments with citizens, enterprises with employees, and computers with users, among other uses. In common usage, PINs are used in ATM or POS transactions, secure access control (e.g. computer access, door access, car access), internet transactions, or to log into a restricted website. History The PIN originated with the introduction of the automated teller machine (ATM) in 1967, as an efficient way for banks to dispense cash to their customers. The first ATM system was that of Barclays in London, in 1967; it accepted ch ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
