Portal de Periódicos da CAPES

Secure Web Forms with Client-Side Signatures

2005; Springer Science+Business Media; Linguagem: Inglês

10.1007/11531371_46

1611-3349

Mikko Honkala, Petri Vuorimaa,

IPv6, Mobility, Handover, Networks, Security

The World Wide Web is evolving from a platform for information access into a platform for interactive services. The interaction of the services is provided by forms. Some of these services, such as banking and e-commerce, require secure, non-repudiable transactions. This paper presents a novel scheme for extending the current Web forms language, XForms, with secure client-side digital signatures, using the XML Signatures language. The requirements for the scheme are derived from representative use cases. A key requirement, also for legal validity of the signature, is the reconstruction of the signed form, when validating the signature. All the resources, referenced by the form, including client-side default stylesheets, have to be included within the signature. Finally, this paper presents, as a proof of concept, an implementation of the scheme and a related use case. Both are included in an open-source XML browser, X-Smiles.