DOC PREVIEW
MASON ECE 646 - Lecture Slides

This preview shows page 1-2-3 out of 8 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Third-party Digital TimestampingSurety OverviewSample Surety ProjectsAbsoluteProof Step #1 - NotarizationAbsoluteProof Step #2 - ValidationThe Surety DifferentiatorG u a r a n t e e i n g T r u s t w o r t h y E l e c t r o n i c R e c o r d s TMThird-party Digital Timestamping• Provides a reliable means of verifying time and content integrity independent of an organizations internal processes and controls.• Removes the potential as well as the perception that a “super-user” could defeat internal processes and controls undetectably.• Third-party Digital Timestamps are portable and move with content throughout its life cycle.• Proof of time and content integrity no longer dependant upon originating systems.Surety OverviewWho We AreSurety is a privately held, IT security software and services company, based in Herndon, VA.What We DoSurety provides software, and operates a third-party digital time-stamping service, called AbsoluteProofSM, which provides secure, portable, and independent proof of electronic record integrity. Why AbsoluteProofAbsoluteProof provides several features that differentiate it from other third-party digital time-stamping services:1. Hash & LinkAll of Surety’s customers timestamps are linked together in a hash chain to create an auditable and tamperproof timestamp database.2. Widely WitnessedSurety publishes a weekly summary of our timestamp database to provide checkpoints that can used when verifying this database as further evidence that no tampering has occurred.Sample Surety Projects• Identify new or existing applications where third-party digital timestamping would provide significant value and implement/describe that solution.• Describe the relative pros and cons of existing third-party digital timestamping technologies including hash & link (Surety) and hash & sign (RFC 3161) solutions.• Use Surety’s software to replicate the processes undertaken by both timestamping service clients and providers.– This would be a homework project– Perform Notarizations & Validations– Audit & Verify the timestamp database– Publishing timestamp database summaryAbsoluteProof Step #1 - Notarization1Aug 11, 200307:45:042Steps in the Digital Notarization process include:Customer Location21Surety Data CentersSurety-Enabled Application3Aug 11, 200307:45:04Surety Notary Record (SNR)Digital Fingerprint (Hash)Universal Registry DatabaseElectronic Record Aug 11, 200307:45:0434Digital Notarization is the process of sealing the content and time of a Digital Fingerprint. This sealing process serves as a baseline against which any future content and/or time tampering will be detected against A Digital Fingerprint or hash value is a complete representation of the Electronic Record. It preserves confidentiality of the Electronic Record and is typically much smaller in size.From the Electronic Record, a unique Digital Fingerprint is created locally at the customer’s location within a Surety-enable Application The unique Digital Fingerprint is sent to one of Surety’s Datacenters via a secure Internet connection.Surety securely timestamps the Digital Fingerprint and creates the Surety Notary Record (SNR). The SNR contains the Digital Fingerprint, Timestamp and additional traceability information to prove conclusively when the Digital Fingerprint was added to the Universal Registry DatabaseSurety sends the SNR back to the requesting Surety-enable application via a secure Internet connection4AbsoluteProof Step #2 - Validation12Steps in the Validation process include:1Surety Notary Record (SNR)Digital Fingerprint (Hash)Universal Registry DatabaseElectronic Record Aug 11, 200307:45:0434From the Electronic Record, A unique Digital Fingerprint is created and compared to the previously generated Digital Fingerprint stored in the Surety Notary Record (SNR). The validating party must have a Surety-enabled application.Once the ‘local check’ in step 1 has passed, the Surety-enabled application submits the SNR back to one of Surety’s datacenters via a secure Internet connection.Surety compares the digital fingerprint and time information embedded in the SNR to the information it has stored in it’s Universal Registry Database. If they are identical, then the content and time of the Electronic Record remains unaltered. Validation is the process confirming the integrity of the Surety Notary Record (SNR).A successful validation conclusively proves that the time and content of the Electronic Record remain unaltered. A failed validation conclusively proves that either the time and/or content of the Electronic Record have been altered.Surety sends a message with the results of the validation request back to the requesting Surety-enabled application via a secure Internet connection. 4Surety Data CentersAug 11, 200307:45:04Party Requiring ValidationAug 11, 200307:45:04Surety-enabled Application23The Surety Differentiator Surety Customers’ Internal Systems AbsoluteProof Universal Registry DatabaseNew York Times Aug 20, 2003 Edition Aug 11, 200307:45:04 L.E.S.ICertipostBoseRocheEvidence ExchangeEKMMind MattersWGAA single hash chain linkrepresents every digital fingerprint and its precise order and associated time stamp in the Universal Registry Database.Aug 11, 200307:45:01 Aug 11, 200307:45:02 Aug 11, 200307:45:03 Aug 11, 200307:45:00 Aug 15, 200323:59:57 Aug 15, 200323:59:58 Aug 15, 200323:59:59 Aug 16, 200300:00:00 Aug 16, 200300:00:01 On a weekly basis, Surety publicly advertises the Universal Registry by publishing a hash chain link in the New York Times. This hash chain link represents all of Surety’s customers data and associated time sequence!IP.comReal LegalG u a r a n t e e i n g T r u s t w o r t h y E l e c t r o n i c R e c o r d s


View Full Document

MASON ECE 646 - Lecture Slides

Documents in this Course
Load more
Download Lecture Slides
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lecture Slides and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lecture Slides 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?