dcsimg
Login | Register   
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


advertisement
 

Authenticate Your Data with PKI and Digital Signatures

Utilize PKI and Digital Signatures to enables users to digitally sign documents, keeping others from modifying them and allowing you to validate user data. Marc D'Aoust demonstrates how with a sample application and all the code.


advertisement

WEBINAR:

On-Demand

Application Security Testing: An Integral Part of DevOps


ow would you create an application that enables a user to retrieve sensitive data from a database and secure it, preventing other users from tampering with it? The application would have the following feature requirements:
  • The system must require the user to approve the data.
  • The system must store proof that a specific user has read and approved the data.
Timestamps and passwords immediately come to mind, but are they the best solution for such strict data authentication requirements? Because Public Key Infrastructure (PKI) and Digital Signature technology commonly are used in security and privacy software for e-mail, you may not consider them as readily—but you should. PKI and Digital Signatures actually can fulfill the data requirements for your app quite well.

PKI is a framework for message protection and authentication that uses asymmetric encryption. Unlike symmetric encryption algorithms, in which the same key is used to both encrypt and decrypt data, an asymmetric algorithm generates a set of complimentary keys: one for encrypting data and the other for decrypting it. This eliminates the need to share the secret key and also removes the risk of someone intercepting it.

In this article, I will demonstrate how to utilize PKI and Digital Signatures in a sample application that enables users to digitally sign documents, keeping others from modifying them and allowing you to validate user data.



Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
Thanks for your registration, follow us on our social networks to keep up-to-date