
Trusted Electronic Transactions
TOPICS COVERED

• Why conduct transactions electronically?
• Three characteristics that ensure trust in electronic transactions
• How we achieve trust in paper-based transactions
• Problems with common electronic transactions
TOPICS COVERED

• Achieving trust in electronic transactions with digital signature technology and an effective archiving scheme
  – What are digital signatures? An introduction to Public Key Infrastructure
  – An introduction to archiving digitally signed transactions using XML
TOPICS COVERED

• Applying Public Key Infrastructure to address security risks when granting public access to community-right-to-know data
• Relevant legislation regarding digital signatures and electronic government transactions
ELECTRONIC TRANSACTIONS

• Streamline reporting process
  – Reduce burden on regulated community
• Efficient record retention
• Timely and accurate data retrieval and access
  – Emergency response (24/7 access)
  – Community-Right-to-Know
CAN ELECTRONIC DATA BE TRUSTED?

• Accuracy and authenticity
  – Decisions regarding environmental health and impact
• Security
  – Protection from unauthorized access
  – Tamper-resistant
    • Accidental – human errors
    • Intentional – fraud
• Credibility in judicial proceedings
  – Effective enforcement
  – Plaintiff/defendant subpoena
JUDICIAL CREDIBILITY is the Highest Standard for Trusted Data **

• Evidence must be unambiguous to be admissible in court
• Once admitted into court, evidence must be persuasive to a jury

** National Governors Association (NGA) State Guide to Environmental Reporting


WHAT DETERMINES A LEGALLY BINDING REPORT?

1. AUTHENTICATION: the ability to prove the sender’s identity
2. REPORT INTEGRITY: the ability to prove that there has been no change during transmission, storage, or retrieval
3. NON-REPUDIATION: the ability to prove that the originator of a report intended to be bound by the information contained in the report
TRUST IN PAPER-BASED REPORTS
(diagram slide: the three characteristics, Authentication, Report Integrity and Non-repudiation, as achieved in paper-based reports)

ELECTRONIC REPORTING
(diagram slide)
FROM PAPER TO ELECTRONIC: Repudiation Risks in Basic Electronic Transactions

• “I did not send that report!”
• “That report is not the one I sent!”
• “I did not mean that!”
“I did not send that report!”

• Identity of user is unknown
• Possible solutions:
  – Telephone call follow-up
  – Terms and Conditions Agreement (TCA) / mailed certification agreement
  – Mail a diskette containing the electronic data
“That report is not the one I sent!”

• Electronic reports contain no evidence of tampering in transmission, storage or retrieval
• Sources of possible loss of data integrity
  – Human error
  – Data corruption
  – Fraud
Ensuring Authenticity and Report Integrity in Electronic Transactions

• Digital signatures
  – Public Key Infrastructure
Public Key Infrastructure (PKI)

PKI is a combination of software, encryption technologies and facilities that can facilitate trusted electronic transactions.

• PKI components
  – Key pairs
  – Certificate Authority
  – Public key cryptography
Key Pairs

• A “key” is a unique digital identifier
  – Keys are produced using a random number generator
• A “key pair” consists of two mathematically related keys
  – The private key is secret and under the sole control of the individual
  – The public key is open and published
Certificate Authority

• A trusted authority
• Responsible for creating the key pair, distributing the private key, publishing the public key and revoking the keys as necessary
• The “Passport Office” of the digital world
Digital Certificates

• A unique electronic signifier issued by a Certificate Authority that functions like a passport to verify a user’s identity.
• The Certificate Authority binds the unique key to the following:
  – Name of the Certificate Authority
  – Certificate expiration date
  – Certificate identity number
• Certificate storage
  – Software tokens
  – Browser certificate stores
  – Hardware tokens (smart cards, USB tokens)
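The two slides above describe the CA as a passport office that binds a key to an issuer name, an expiry date and a certificate number. The Go program below is an added example (not code from the presentation or from eCompliance) that performs exactly that binding with the standard library's X.509 support and then performs the "passport check" a relying party does: the certificate must chain to the trusted CA and be within its validity period. All names, serial numbers and lifetimes are constructed for the example. One caveat a practitioner will notice: the slide has the CA create and distribute the user's private key; here the user key is generated in the same program only for brevity, and in most real deployments the user generates the pair and sends the CA only the public key, so the private key never leaves the user's sole control.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// IssueCA builds the "passport office": a self-signed CA certificate and its private key.
// The CA name and the ten-year lifetime are constructed values for this example.
func IssueCA(name string, now time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now,
		NotAfter:              now.Add(10 * 365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key) // self-signed
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// IssueUserCert has the CA bind a user's public key to the three items on the slide:
// the CA's name (as issuer), an expiration date and a certificate identity (serial) number.
// The user's key pair is generated here only to keep the example self-contained.
func IssueUserCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, subject string,
	serial int64, now time.Time, validFor time.Duration) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: subject},
		NotBefore:    now,
		NotAfter:     now.Add(validFor),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey) // signed by the CA
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// VerifyCert is the relying party's passport check: the certificate must chain to the
// trusted CA and must be valid at time `at`. A nil result means the check passed.
func VerifyCert(cert, trustedCA *x509.Certificate, at time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:       roots,
		CurrentTime: at,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err
}

func main() {
	now := time.Now()
	ca, caKey, err := IssueCA("Example Agency CA", now) // constructed name
	if err != nil {
		panic(err)
	}
	user, _, err := IssueUserCert(ca, caKey, "Jane Reporter", 1001, now, 365*24*time.Hour)
	if err != nil {
		panic(err)
	}
	fmt.Println("issuer:", user.Issuer.CommonName, "| serial:", user.SerialNumber, "| expires:", user.NotAfter.UTC())
	fmt.Println("valid tomorrow:", VerifyCert(user, ca, now.Add(24*time.Hour)) == nil)
	fmt.Println("valid in two years:", VerifyCert(user, ca, now.Add(2*365*24*time.Hour)) == nil)
}
```

Revocation, the last CA duty on the slide, is not modelled here; a relying party would additionally consult the CA's revocation list or OCSP responder before accepting a certificate that passes the chain and validity checks.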
Public Key Cryptography

Complementary algorithms are used to encrypt and decrypt documents.

(diagram: readable document → encryption key → unreadable format, e.g. “@#@#@$$56455908283923542#$@$#%$%$^&” → decryption key → readable document)
Public Key Infrastructure in Action

                       Public Key    Private Key
  Secure Transmission  Encrypting    Decrypting
  Signatures           Decrypting    Encrypting
Digital Signatures

(diagram: report → encryption algorithm, using the private key → digitally signed report)

An individual digitally signs a document using the private key component of his certificate.
Authentication and Verification

The individual’s public key, published by the CA, decrypts and verifies the digital signature.

(diagram: digitally signed report → decryption algorithm, using the public key → verified report)
Authentication and Verification

• Any changes made to the report will invalidate the signature
• Provides evidence of report integrity
• Provides proof of the report originator’s identity – authentication
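The three slides above give the sign-with-private-key, verify-with-public-key flow and the claim that any change to the report invalidates the signature. The Go program below is an added example, not code from the presentation, that carries that flow out with RSA-PSS over a SHA-256 digest from the standard library: it signs a constructed hazardous-materials report, then alters a single quantity in the stored copy, the kind of change the "Human Error / Data Corruption / Fraud" slide warns about, and shows that the original still verifies while the altered copy does not. The report text and the key are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// SignedReport is the unit a relying party receives or an archive stores:
// the report bytes plus the signature made over their SHA-256 digest.
type SignedReport struct {
	Report    []byte
	Signature []byte
}

// SignReport hashes the report and signs the digest with the originator's private key
// (the "encryption algorithm using the private key" box on the slide).
func SignReport(priv *rsa.PrivateKey, report []byte) (SignedReport, error) {
	digest := sha256.Sum256(report)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return SignedReport{}, err
	}
	return SignedReport{Report: report, Signature: sig}, nil
}

// VerifyReport recomputes the digest of the bytes it was given and checks the
// signature with the public key published by the CA. Any change to the bytes
// changes the digest, so the check fails.
func VerifyReport(pub *rsa.PublicKey, sr SignedReport) bool {
	digest := sha256.Sum256(sr.Report)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sr.Signature, nil) == nil
}

// TamperCheck signs a constructed report, alters one quantity in a stored copy,
// and returns (originalVerifies, alteredCopyVerifies).
func TamperCheck() (bool, bool, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // the originator's key pair (constructed)
	if err != nil {
		return false, false, err
	}
	report := []byte("Facility: Example Plant 1; Hazardous Material: Chlorine; Quantity: 500 lb") // constructed
	sr, err := SignReport(priv, report)
	if err != nil {
		return false, false, err
	}
	// The stored copy is changed after signing: 500 lb becomes 900 lb, signature left untouched.
	altered := SignedReport{
		Report:    bytes.Replace(sr.Report, []byte("500 lb"), []byte("900 lb"), 1),
		Signature: sr.Signature,
	}
	return VerifyReport(&priv.PublicKey, sr), VerifyReport(&priv.PublicKey, altered), nil
}

func main() {
	ok, alteredOK, err := TamperCheck()
	if err != nil {
		panic(err)
	}
	fmt.Println("original verifies:", ok, "| altered copy verifies:", alteredOK)
}
```

Verification with a different party's public key fails in the same way, which is the authentication half of the slide: a signature that checks out under the public key the CA published for an individual could only have been produced with that individual's private key.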
Security in Transmission

• Secure Sockets Layer (SSL)
  – https
• Submission is encrypted by the sender with the recipient’s public key
• After receipt, submission is decrypted with the recipient’s private key
ACHIEVING TRUST IN ELECTRONIC REPORTS
What Should Be Signed?

• Balance between capturing the entire content of the transaction vs. ease of data integration
• Data that is machine readable but which separates user entry content from context: database, comma delimited, spreadsheet, etc.
• Data that records content and context but which is not easily integrated into databases: Word, PDF, image, HTML, etc.
Ensuring Non-repudiation in Electronic Transactions

• Capturing complete transactions in the archive
  – Signing the content and context of a transaction
  – Storing the signed transaction in a data warehouse without manual intervention
XML

• eXtensible Markup Language
• XML can be used to store both the questions on the form (context) and the data entered by the user (content).
• The entire form can be stored as one object
  – Default values
  – Lookup values (i.e. chemical classifications)
  – Questions
  – Physical characteristics
XML Schema

From the W3C: http://www.w3.org/1999/05/06-xmlschema-1/

…define and describe a class of XML documents by using these constructs to constrain and document the meaning, usage and relationships of their constituent parts: datatypes, elements and their content, attributes and their values, entities and their contents and notations. Schema constructs may also provide for the specification of implicit information such as default values. Schemas are intended to document their own meaning, usage, and function through a common documentation vocabulary.

Business Plan Schema
(diagram slide)
INCORPORATING XML AND PKI

• XML transaction instance conforming to schema
• Public key cryptography via web browser plugin
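The slides from "What Should Be Signed?" through this one argue that the signature must cover the whole form, questions as well as answers, stored as one XML object; the later summary slide adds that a signed report can still be repudiated if the signed data is stored independently of the form question data. The Go program below is an added example, not code from the presentation or from eCompliance, that makes both points concrete: it builds a small constructed Business Plan form with encoding/xml, signs it twice with Ed25519 (once over the answers alone, once over the complete XML object), then rewrites the wording of one question the way a form revision might. The answers-only signature still verifies even though the "Yes" now answers a different question; the complete-form signature does not. The form fields, question text and key are constructed for the example; a production archive would use XML Signature with canonicalization, whereas this example simply archives and verifies the exact serialized bytes that were signed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/xml"
	"fmt"
	"strings"
)

// Question carries context (the question text) and content (the user's answer).
type Question struct {
	ID     string `xml:"id,attr"`
	Text   string `xml:"text"`
	Answer string `xml:"answer"`
}

// BusinessPlan is the entire form as one XML object. Element names are constructed
// for this example and are not the presentation's Business Plan schema.
type BusinessPlan struct {
	XMLName   xml.Name   `xml:"BusinessPlan"`
	Facility  string     `xml:"facility"`
	Questions []Question `xml:"question"`
}

// SampleForm returns a constructed two-question form.
func SampleForm() BusinessPlan {
	return BusinessPlan{
		Facility: "Example Plant 1",
		Questions: []Question{
			{ID: "Q1", Text: "Is the facility staffed 24 hours a day?", Answer: "No"},
			{ID: "Q2", Text: "Does the facility store more than 500 lb of any hazardous material?", Answer: "Yes"},
		},
	}
}

// SerializeForm produces the exact bytes that are signed and archived together.
func SerializeForm(f BusinessPlan) ([]byte, error) {
	return xml.MarshalIndent(f, "", "  ")
}

// AnswersOnly models the weak design: only the user's entries are signed and the
// question text is kept somewhere else, unsigned.
func AnswersOnly(f BusinessPlan) []byte {
	var parts []string
	for _, q := range f.Questions {
		parts = append(parts, q.ID+"="+q.Answer)
	}
	return []byte(strings.Join(parts, "\n"))
}

// RepudiationCheck signs the form both ways, changes one question's wording, and
// returns (answersOnlySignatureStillValid, completeFormSignatureStillValid).
func RepudiationCheck() (bool, bool, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // the submitter's key pair (constructed)
	if err != nil {
		return false, false, err
	}
	form := SampleForm()
	complete, err := SerializeForm(form)
	if err != nil {
		return false, false, err
	}
	sigAnswers := ed25519.Sign(priv, AnswersOnly(form))
	sigComplete := ed25519.Sign(priv, complete)

	// Context changes after signing: the "Yes" now answers a materially different question.
	form.Questions[1].Text = "Does the facility store more than 10 lb of any hazardous material?"
	revised, err := SerializeForm(form)
	if err != nil {
		return false, false, err
	}
	return ed25519.Verify(pub, AnswersOnly(form), sigAnswers),
		ed25519.Verify(pub, revised, sigComplete), nil
}

func main() {
	doc, _ := SerializeForm(SampleForm())
	fmt.Println(string(doc))
	answersOK, completeOK, err := RepudiationCheck()
	if err != nil {
		panic(err)
	}
	fmt.Println("after rewording Q2 - answers-only signature verifies:", answersOK,
		"| complete-form signature verifies:", completeOK)
}
```

The second result is the desired behaviour: when the questions live inside the signed object, a later change to what was asked is detected exactly like a change to what was answered, so the archived record still shows what the submitter agreed to be bound by.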
Granting Public Access to Paper Reports

• Public comes into agency office
• Public provides driver’s license or other identification
• Agency can monitor who is accessing data
Providing Trusted Electronic Access to Data

• Identity of user is unknown
• Access cannot be monitored
• Relying on the Certificate Authority
Applying PKI to Public Access

(diagram: public ↔ digital certificate)

In order to obtain access to Community Right to Know data, individuals first obtain digital certificates.

(diagram: public → digital certificates → agency)

After contributing a certificate to gain access, the individual’s certificate can be cross-referenced with other security databases to monitor suspect individuals.
RELEVANT LEGISLATION

• TITLE 27, Part 2, Article 5
• CA Title 2, Division 7, Ch. 10 Digital Signatures
TITLE 27 – CUPA Legislation
California Digital Signature Regulations
California Code of Regulations
Title 2. Administration, DIVISION 7, CHAP 10. DIGITAL SIGNATURES
http://www.ss.ca.gov/digsig/regulations.htm

• Definitions
• Digital Signatures Must Be Created By An Acceptable Technology – Criteria For Determining Acceptability
• List of Acceptable Technologies
• Provisions For Adding New Technologies to the List of Acceptable Technologies
• Issues to Be Addressed By Public Entities When Using Digital Signatures
California Digital Signature Regulations

• The technology known as Public Key Cryptography is an acceptable technology for use by public entities in California, provided that the digital signature is created consistent with the provisions in Section 22003(a)1-5.
• "Acceptable Certification Authorities" means a certification authority that meets the requirements of either Section 22003(a)6(C) or Section 22003(a)6(D).
• "Approved List of Certification Authorities" means the list of Certification Authorities approved by the Secretary of State to issue certificates for digital signature transactions involving public entities in California.
Summary: Electronic Report Transactions are subject to fraud and easily repudiated:

• Unsigned web forms can be sent by anyone. They can be tampered with in transmission and the sender can’t be legally verified
• Unsigned data in a database can be altered and does not provide adequate evidence in a court of law
• Data on diskette can be altered without visible evidence
Summary, cont.

• Digitally signed reports can also be repudiated if the signed data is stored independently of the form question data.
Conclusion: Ensuring Trusted Electronic Transactions

1. PKI supports trusted electronic report transactions:
  • Authentication – authenticates the sender of a report
  • Report integrity – invalidates a report if it has been tampered with
  • Non-repudiation – sender and document are authenticated; the sender cannot deny having sent the report
Conclusion, cont.

2. PKI supports trusted access to public data:
  • Agencies require individuals to contribute digital certificates in order to gain access
  • Agencies can track who gains access at what time
  • The names of individuals who seek access can be cross-referenced with additional security databases to protect public safety
Conclusion, cont.

3. Complete archiving ensures that a legal record of a transaction can be trusted:
  • Non-repudiation – storing a copy of the entire data (including questions on the form) with the digital signature
Resources:

• eCompliance, Inc. http://www.ecompliance.net
  – White paper / Electronic Transactions
  – Copy of presentation
• Environmental Protection Agency
  – Central Data Exchange http://www.epa.gov/cdx/cde.html
• National Governors Association
  – State Guide to Electronic Reporting of Environmental Data http://www.nga.org/center/divisions/1,1188,C_ISSUE_BRIEF%5ED_1139,00.html
