Pal gov.tutorial6.session6.digital signature & e evidence
Upcoming SlideShare
Loading in...5
×
 

Pal gov.tutorial6.session6.digital signature & e evidence

on

  • 447 views

 

Statistics

Views

Total Views
447
Views on SlideShare
411
Embed Views
36

Actions

Likes
0
Downloads
6
Comments
0

1 Embed 36

http://www.egovacademy.ps 36

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial LicenseCC Attribution-NonCommercial License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Pal gov.tutorial6.session6.digital signature & e evidence Pal gov.tutorial6.session6.digital signature & e evidence Presentation Transcript

  • ‫أكاديمية الحكومة اإللكترونية الفلسطينية‬ The Palestinian eGovernment Academy www.egovacademy.psTutorial 6: The Legal Framework of New Technologies Session6 Digital Signature & e-evidence Dr. Samer Najjar Dr. Feras Milhem PalGov © 2011 1
  • AboutThis tutorial is part of the PalGov project, funded by the TEMPUS IV program of theCommission of the European Communities, grant agreement 511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.psProject Consortium: Birzeit University, Palestine University of Trento, Italy (Coordinator ) Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium Palestine Technical University, Palestine Université de Savoie, France Ministry of Telecom and IT, Palestine University of Namur, Belgium Ministry of Interior, Palestine TrueTrust, UK Ministry of Local Government, PalestineCoordinator:Dr. Mustafa JarrarBirzeit University, P.O.Box 14- Birzeit, PalestineTelfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011 2
  • © Copyright NotesEveryone is encouraged to use this material, or part of it, but should properlycite the project (logo and website), and the author of that part.No part of this tutorial may be reproduced or modified in any form or by anymeans, without prior written permission from the project, who have the fullcopyrights on the material. Attribution-NonCommercial-ShareAlike CC-BY-NC-SAThis license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creationsunder the identical terms. PalGov © 2011 3 View slide
  • ILOs• Introduce students with the rules of e- evidence as well as digital signature in Palestine. ً‫• مقدمة عن قواعد األثبات القانونً والتوقٌع األلكترونً ف‬ ‫فلسطٌن‬• Explain the importance of e-evidence and digital signature in general and for the e- government in particular ً‫• بٌان أهمٌة قواعد االثبات القانونً والتوقٌع األلكترون‬ .‫بشكل عام، وللحكومة األلكترونٌة بشكل خاص‬ PalGov © 2011 4 View slide
  • e-evidence‫اإلثبات القانوني‬ – Digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use at trial. – Before accepting digital evidence a court will determine if the evidence is relevant, whether it is authentic, if it is hearsay and whether a copy is acceptable or the original is required. ‫– األدلة الرقمٌة أو اإللكترونٌة األدلة الثبوتٌة أٌة معلومات مخزنة‬ .‫أو منقولة فً شكل رقمً التً قد تستخدم فً المحاكمة‬ ‫– قبل قبول األدلة الرقمٌة سوف تقوم المحكمة بتحدٌد ما إذا كانت‬ .‫األدلة مقبولة‬ PalGov © 2011 5
  • e-evidence Found in‫موجود في‬ – e-mails – digital photographs – ATM transaction logs – word processing documents – instant message histories – files saved from accounting programs – spreadsheets – internet browser histories – databases – Contents of computer memory – Computer backups – Computer printouts – Global Positioning System tracks – Logs from a hotel’s electronic door locks – Digital video or audio files PalGov © 2011 6
  • Legal foundation of e-evidence‫اإلطار القانوني‬ - Absence of such a special law. .‫- غٌاب إطار قانونً خاص‬ - No case law available from Palestinian courts ‫- غٌاب سوابق قضائٌة من محاكم فلسطٌنٌة‬ - No any regulation of technologies to approve authentications such as digital signature )ً‫- ال ٌوجد قانون ٌنظم التوثٌق (التصدٌق االلكترون‬ PalGov © 2011 7
  • Evidence law 20012001 ‫قانون البينات‬- No substantive rules to govern e-evidence ً‫- ال توجد قواعد جوهرٌة تنظم االثبات القانون‬- Only scattered rules: ‫فقط قواعد مبعثرة وغٌر كافٌة‬• Article 19: Correspondence and telegrams, telex, fax and e-mail, have the force of evidence if it originally filed in the Office of Export, signed by the sender. The cables are identical to the origin until proven to the contrary. ‫• تكون للبرقٌات ومكاتبات التلكس والفاكس والبرٌد اإللكترونً هذه القوة أٌضا إذا‬ ‫كان اصلها المودع فً مكتب التصدٌر موقعا ً علٌها من مرسلها، وتعتبر البرقٌات‬ .‫مطابقة ألصلها حتى ٌقوم الدلٌل على عكس ذلك‬ PalGov © 2011 8
  • Evidence law 20012001 ‫قانون البينات‬- Chapter 3 of the law stipulates that the accounting records of merchants constitute a proof against them whether these records are on paper or digital.‫- إعتبر الجزء الثالث من القانون أن الدفاتر التجارٌة حجة‬ ‫على أصحابها سواء كانت ورقٌة أو رقمٌة. ولٌس على‬ .‫الغٌر‬ PalGov © 2011 9
  • ‫4002 ‪The Law of Securities No. 12 of‬‬‫قانون األوراق المالية4002‬‫‪- The Law legally acknowledged the‬‬ ‫‪digital evidences in Securities related‬‬ ‫)101 ‪disputes (article‬‬ ‫- على الرغم مما ورد فً أي تشرٌع آخر، فإنه ٌجوز‬‫اإلثبات بقضاٌا األوراق المالٌة والمعامالت التً تتم لدى‬‫الهٌئة والسوق بواسطة البٌانات اإللكترونٌة أو الصادرة‬ ‫عن الحاسوب وتسجٌالت الهاتف ومراسالت أجهزة‬ ‫التلكس والفاكسمٌلً. (مادة 101)‬ ‫1102 © ‪PalGov‬‬ ‫01‬
  • What is needed to be done‫ما يمكن عمله‬• In some countries, a special law is adopted, eg., Canadian E-evidence Law. ‫• فً بعض الدول، تم تبنً قانون خاص باألثبات‬ .ً‫القانون‬• Some countries included scattered rules in relative legislation. Eg. E- commerce law or e-transaction law. ‫• فً دول أخرى تم تضمٌن نصوص فً قوانٌن مختلفة‬ ‫مثل قوانٌن التجارة أو المعامالت االلكترونٌة‬ PalGov © 2011 11
  • What is needed to be done‫ما يمكن عمله‬• UNCITRAL assigned some rules on e- evidence and suggestions to assure authentication and overcome security difficulties(This will be discussed later under e- commerce section) PalGov © 2011 12
  • Some thing to think about• Can the Palestinian courts weight an email as a proof in a court litigation. ‫• هل تستطٌع المحاكم الفلسطٌنٌة اإلعتماد على رسالة‬ .‫إلكترونٌة كدلٌل إثبات فً قضٌة أمام المحاكم‬ PalGov © 2011 13
  • Summary• Palestine lacks the legal foundation of E-evidence, amendments to exiting laws or a harmonized law should be adopted..ً‫• تفتقر فلسطٌن إلى إطار قانونً ناظم للتوقٌع األلكترون‬ ‫ٌجب تبنً إما تعدٌالت على قوانٌن قائمة أو تبنً قانون‬ .‫شامل‬ PalGov © 2011 14
  • References• Palestinian Law on Evidence of 2001.• Palestinian Law on Securities Law 2004.• Palestinian Draft e-transactions law.• CRIDS, University of Namur, PowerPoint Presentation on E-evidence, 2011.• Interview with Dr. Amin Dawas, Arab- American University of Jenin 5 Oct. 2011.• http://www.uncitral.org/pdf/english/texts/el ectcom/05-89450_Ebook.pdf PalGov © 2011 15
  • Digital Signature ‫التوقيع الرقمي‬• Dr. Samer Najjar PalGov © 2011 16
  • Digital Signature, what is it?• A digital signature is an electronic signature produced by a code (software) that can be used to authenticate the identity of the sender of a message or the signer of a document. ‫• التوقٌع الرقمً هو توقٌع الكترونً ناتج عن استعمال‬ ‫برنامج خاص، وٌمكن استخدامه للتأكد من هوٌة المرسل‬ ِ ‫لرسالة او لمن وقع وثٌقة الكترونٌة‬ PalGov © 2011 17
  • Digital Signature, what is it?• It can be used to ensure that the original content of the message or document that has been sent is unchanged. ‫• كذلك ٌمكن استخدامه للتاكد من ان محتوى الرسالة او‬ ‫الوثٌقة االصلٌة المرسلة الكترونٌا لم ٌتغٌر‬ PalGov © 2011 18
  • Digital Signature• A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the senders identity and that the message arrived intact. * ً ‫• التوقٌع الرقمً ٌمكن استخدامه ألي نوع من الرسائل سواء‬ ‫كانت مشفرة ام ال، وٌستعمل حتى ٌتأكد المستلم ان السالة‬ ‫المستلمة لم ٌحدث لها اي تغٌٌر‬* Global e-securirty:4th International conference, ICGe, 2008, edited by Hamid Jahankhani, Kenneth Revett, Dominic Palmer-Brown - 2008 - Business & Economics - 310 pages. PalGov © 2011 19
  • Digital Signature• A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.* ‫• الشهادة الرقمٌة تحتوي على التوقٌع الرقمً للجهة‬ ‫المصدرة بحٌث ٌستطٌع اٌا كان التحقق من ان الشهادة‬ ‫اصلٌة‬* Ran Canetti: Universally Composable Signature, Certification, and Authentication PalGov © 2011 20
  • Digital Certificate Digital Certificate:Digital Certificate provides a means of proving one’s identity in electronic transactions.A Digital Certificate is issued by a Certification Authority (CA) and signed with the CAs private key.Normally it contains:• Owners public key• Owners name• Expiration date of the public key• Name of the issuer (the CA that issued the Digital Certificate)• Serial number of the Digital Certificate• Digital signature of the issuer PalGov © 2011 21
  • Digital Signature• Digital signatures: ‫التوقيعات الرقمية‬- Cannot be sent by itself ‫الٌمكن ارساله لوحده‬- Identifies the signatory ‫تحدد هوٌة المرسل‬- Easily transportable, ‫ٌمكن نقله بسهولة‬- Cannot be forged, ‫ال ٌمكن تزوٌره‬- Can be automatically time-stamped. ً‫ٌمكن اعطاؤه خاتما للزمن بشكل اوتوماتٌك‬ PalGov © 2011 22
  • How it works• Send a document from A to B by e-mail:- “A” writes document in his email- By using special software, “A”, gets a message hash, which can be thought of as message summary- “A”, uses private key to encrypt the hash- This encrypted hash is the digital signature of this document PalGov © 2011 23
  • How it works• Send a document from A to B by e-mail:- “B” receives the document by his email- “B”, makes a hash of the message- “B”, uses the public key provided to him by “A” to decrypt the hash- If the hashes match the message and identity of “A” are verified PalGov © 2011 24
  • Digital Signature Standard (DSS)• Digital Signature Standard (DSS):*- is a digital signature algorithm (DSA), that calculates two large numbers within parameters to authenticate e-documents- Developed by U.S. National Security Agency (NSA) in 1994- It has become the US government standard for authentication of electronic documents.* Recommendation for Key Management -- Part 1: general, NIST Special Publication 800-57, p. 62–63 PalGov © 2011 25
  • References• Recommendation for Key Management -- Part 1: general, NIST Special Publication 800-57, p. 62–63• Ran Canetti: Universally Composable Signature, Certification, and Authentication PalGov © 2011 26
  • Session End PalGov © 2011 27