Securing Electronic Workflows with Digital Signatures
Crocker, P.; Nicolau, VN
Securing Electronic Workflows with Digital Signatures, Proc ACPI - European Conference on Cyber Warfare & Security ECCWS, Dublin, Ireland, Vol. , pp. 721 - 724, June, 2017.
Abstract
This paper describes a platform for secure logging that can be integrated into digital workflow
platforms that provide a set of business processes for digital document transformation. In such workflows,
documents are digitalized and processed by a set of automatic processes, metadata and information are
extracted automatically, and the documents may be annotated or even altered by physical entities. When
dealing with sensitive information, such as invoices and other accounting information, it is important in such
workflows to create a secure audit trail, so that all alterations to the digital document and the
information extracted at the various stages of the workflow are logged securely, making it possible to reproduce
the process faithfully and to provide electronic security guarantees that the workflow has been executed
correctly. The developed framework makes use of Forward Secure Sequential Aggregate Digital
Signatures, which guarantee the integrity of the digital documents and their respective logs and guarantee that logs
already made cannot be forged or falsified. In this case, this type of digital signature has advantages over
traditional digital signatures in terms of key management and signature storage. The solution described in this
paper is based on an audit and secure log web service that catalogues and logs alterations and relevant
accesses to the digital information in the workflow. In terms of software architecture, the audit and log
service is accessed via a REST API, and the web service is implemented as a cloud-based (Azure) web service in
order to handle the large volumes of logs and digital signatures that are necessary. The performance of the
solution is tested and the results are detailed in this paper. The whole solution has been integrated and tested
within a real business environment, the BizDocs© platform. Preliminary results show that, even with significant
overheads due to network communications, the overall system remains usable, scalable and resistant to
attacks, even when large numbers of documents are processed in parallel.
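
An added illustration, not code from the paper or the BizDocs platform: a symmetric (HMAC-based) analogue of the forward-secure sequential aggregate idea the abstract describes, in which the logger keeps only one evolving key and one constant-size aggregate tag for the whole log. The paper's scheme uses digital signatures and is not reproduced here; the key-update function, the class and function names and the sample workflow events are assumptions made for this example.

```python
import hashlib
import hmac

ZERO = b"\x00" * 32  # starting value of the aggregate tag

def evolve(key: bytes) -> bytes:
    """One-way key update: the previous key cannot be derived from the result."""
    return hashlib.sha256(b"key-evolve" + key).digest()

def fold(aggregate: bytes, key: bytes, entry: bytes) -> bytes:
    """Fold the tag of one entry into the running constant-size aggregate."""
    tag = hmac.new(key, entry, hashlib.sha256).digest()
    return hashlib.sha256(aggregate + tag).digest()

class ForwardSecureLog:
    """Logger side: holds only the current key and a single aggregate tag."""
    def __init__(self, initial_key: bytes):
        self._key = initial_key
        self.entries = []
        self.aggregate = ZERO

    def append(self, entry: bytes) -> None:
        self.aggregate = fold(self.aggregate, self._key, entry)
        self.entries.append(entry)
        self._key = evolve(self._key)  # the key used for this entry is discarded

def verify(initial_key: bytes, entries, aggregate: bytes) -> bool:
    """Verifier side: replay the key chain from the initial key kept offline."""
    key, expected = initial_key, ZERO
    for entry in entries:
        expected = fold(expected, key, entry)
        key = evolve(key)
    return hmac.compare_digest(expected, aggregate)

# Constructed sample events for a document workflow (not taken from the paper).
SAMPLE_EVENTS = [
    b"doc=INV-0001 stage=scan actor=scanner-01",
    b"doc=INV-0001 stage=ocr field=total value=120.00",
    b"doc=INV-0001 stage=review actor=clerk-7 action=annotate",
]

if __name__ == "__main__":
    k0 = hashlib.sha256(b"constructed demo key").digest()
    log = ForwardSecureLog(k0)
    for event in SAMPLE_EVENTS:
        log.append(event)
    print("intact log verifies:", verify(k0, log.entries, log.aggregate))
    print("entry removed verifies:", verify(k0, log.entries[:1] + log.entries[2:], log.aggregate))
```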