More Related Content
Similar to Pal gov.tutorial6.session6.digital signature & e evidence
Similar to Pal gov.tutorial6.session6.digital signature & e evidence (20)
More from Mustafa Jarrar (20)
Pal gov.tutorial6.session6.digital signature & e evidence
- 1. أكاديمية الحكومة اإللكترونية الفلسطينية
The Palestinian eGovernment Academy
www.egovacademy.ps
Tutorial 6: The Legal Framework of New Technologies
Session6
Digital Signature & e-evidence
Dr. Samer Najjar Dr. Feras Milhem
PalGov © 2011 1
- 2. About
This tutorial is part of the PalGov project, funded by the TEMPUS IV program of the
Commission of the European Communities, grant agreement 511159-TEMPUS-1-
2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.ps
Project Consortium:
Birzeit University, Palestine
University of Trento, Italy
(Coordinator )
Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium
Palestine Technical University, Palestine
Université de Savoie, France
Ministry of Telecom and IT, Palestine
University of Namur, Belgium
Ministry of Interior, Palestine
TrueTrust, UK
Ministry of Local Government, Palestine
Coordinator:
Dr. Mustafa Jarrar
Birzeit University, P.O.Box 14- Birzeit, Palestine
Telfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011
2
- 3. © Copyright Notes
Everyone is encouraged to use this material, or part of it, but should properly
cite the project (logo and website), and the author of that part.
No part of this tutorial may be reproduced or modified in any form or by any
means, without prior written permission from the project, who have the full
copyrights on the material.
Attribution-NonCommercial-ShareAlike
CC-BY-NC-SA
This license lets others remix, tweak, and build upon your work non-
commercially, as long as they credit you and license their new creations
under the identical terms.
PalGov © 2011 3
- 4. ILOs
• Introduce students with the rules of e-
evidence as well as digital signature in
Palestine.
ً• مقدمة عن قواعد األثبات القانونً والتوقٌع األلكترونً ف
فلسطٌن
• Explain the importance of e-evidence and
digital signature in general and for the e-
government in particular
ً• بٌان أهمٌة قواعد االثبات القانونً والتوقٌع األلكترون
.بشكل عام، وللحكومة األلكترونٌة بشكل خاص
PalGov © 2011 4
- 5. e-evidence
اإلثبات القانوني
– Digital evidence or electronic evidence is any
probative information stored or transmitted in
digital form that a party to a court case may
use at trial.
– Before accepting digital evidence a court will
determine if the evidence is relevant, whether
it is authentic, if it is hearsay and whether a
copy is acceptable or the original is required.
– األدلة الرقمٌة أو اإللكترونٌة األدلة الثبوتٌة أٌة معلومات مخزنة
.أو منقولة فً شكل رقمً التً قد تستخدم فً المحاكمة
– قبل قبول األدلة الرقمٌة سوف تقوم المحكمة بتحدٌد ما إذا كانت
.األدلة مقبولة
PalGov © 2011 5
- 6. e-evidence Found in
موجود في
– e-mails
– digital photographs
– ATM transaction logs
– word processing documents
– instant message histories
– files saved from accounting programs
– spreadsheets
– internet browser histories
– databases
– Contents of computer memory
– Computer backups
– Computer printouts
– Global Positioning System tracks
– Logs from a hotel’s electronic door locks
– Digital video or audio files
PalGov © 2011 6
- 7. Legal foundation of e-evidence
اإلطار القانوني
- Absence of such a special law.
.- غٌاب إطار قانونً خاص
- No case law available from Palestinian
courts
- غٌاب سوابق قضائٌة من محاكم فلسطٌنٌة
- No any regulation of technologies to
approve authentications such as digital
signature
)ً- ال ٌوجد قانون ٌنظم التوثٌق (التصدٌق االلكترون
PalGov © 2011 7
- 8. Evidence law 2001
2001 قانون البينات
- No substantive rules to govern e-evidence
ً- ال توجد قواعد جوهرٌة تنظم االثبات القانون
- Only scattered rules: فقط قواعد مبعثرة وغٌر كافٌة
• Article 19: Correspondence and telegrams, telex, fax and
e-mail, have the force of evidence if it originally filed in
the Office of Export, signed by the sender. The cables
are identical to the origin until proven to the contrary.
• تكون للبرقٌات ومكاتبات التلكس والفاكس والبرٌد اإللكترونً هذه القوة أٌضا إذا
كان اصلها المودع فً مكتب التصدٌر موقعا ً علٌها من مرسلها، وتعتبر البرقٌات
.مطابقة ألصلها حتى ٌقوم الدلٌل على عكس ذلك
PalGov © 2011 8
- 9. Evidence law 2001
2001 قانون البينات
- Chapter 3 of the law stipulates that the
accounting records of merchants
constitute a proof against them
whether these records are on paper or
digital.
- إعتبر الجزء الثالث من القانون أن الدفاتر التجارٌة حجة
على أصحابها سواء كانت ورقٌة أو رقمٌة. ولٌس على
.الغٌر
PalGov © 2011 9
- 10. 4002 The Law of Securities No. 12 of
قانون األوراق المالية4002
- The Law legally acknowledged the
digital evidences in Securities related
)101 disputes (article
- على الرغم مما ورد فً أي تشرٌع آخر، فإنه ٌجوز
اإلثبات بقضاٌا األوراق المالٌة والمعامالت التً تتم لدى
الهٌئة والسوق بواسطة البٌانات اإللكترونٌة أو الصادرة
عن الحاسوب وتسجٌالت الهاتف ومراسالت أجهزة
التلكس والفاكسمٌلً. (مادة 101)
1102 © PalGov 01
- 11. What is needed to be done
ما يمكن عمله
• In some countries, a special law is
adopted, eg., Canadian E-evidence
Law.
• فً بعض الدول، تم تبنً قانون خاص باألثبات
.ًالقانون
• Some countries included scattered
rules in relative legislation. Eg. E-
commerce law or e-transaction law.
• فً دول أخرى تم تضمٌن نصوص فً قوانٌن مختلفة
مثل قوانٌن التجارة أو المعامالت االلكترونٌة
PalGov © 2011 11
- 12. What is needed to be done
ما يمكن عمله
• UNCITRAL assigned some rules on e-
evidence and suggestions to assure
authentication and overcome security
difficulties
(This will be discussed later under e-
commerce section)
PalGov © 2011 12
- 13. Some thing to think about
• Can the Palestinian courts weight an
email as a proof in a court litigation.
• هل تستطٌع المحاكم الفلسطٌنٌة اإلعتماد على رسالة
.إلكترونٌة كدلٌل إثبات فً قضٌة أمام المحاكم
PalGov © 2011 13
- 14. Summary
• Palestine lacks the legal foundation of
E-evidence, amendments to exiting
laws or a harmonized law should be
adopted.
.ً• تفتقر فلسطٌن إلى إطار قانونً ناظم للتوقٌع األلكترون
ٌجب تبنً إما تعدٌالت على قوانٌن قائمة أو تبنً قانون
.شامل
PalGov © 2011 14
- 15. References
• Palestinian Law on Evidence of 2001.
• Palestinian Law on Securities Law 2004.
• Palestinian Draft e-transactions law.
• CRIDS, University of Namur, PowerPoint
Presentation on E-evidence, 2011.
• Interview with Dr. Amin Dawas, Arab-
American University of Jenin 5 Oct. 2011.
• http://www.uncitral.org/pdf/english/texts/el
ectcom/05-89450_Ebook.pdf
PalGov © 2011 15
- 17. Digital Signature, what is it?
• A digital signature is an electronic
signature produced by a code (software)
that can be used to authenticate the
identity of the sender of a message or the
signer of a document.
• التوقٌع الرقمً هو توقٌع الكترونً ناتج عن استعمال
برنامج خاص، وٌمكن استخدامه للتأكد من هوٌة المرسل
ِ
لرسالة او لمن وقع وثٌقة الكترونٌة
PalGov © 2011 17
- 18. Digital Signature, what is it?
• It can be used to ensure that the
original content of the message or
document that has been sent is
unchanged.
• كذلك ٌمكن استخدامه للتاكد من ان محتوى الرسالة او
الوثٌقة االصلٌة المرسلة الكترونٌا لم ٌتغٌر
PalGov © 2011 18
- 19. Digital Signature
• A digital signature can be used with any
kind of message, whether it is encrypted
or not, simply so that the receiver can be
sure of the sender's identity and that the
message arrived intact. *
ً
• التوقٌع الرقمً ٌمكن استخدامه ألي نوع من الرسائل سواء
كانت مشفرة ام ال، وٌستعمل حتى ٌتأكد المستلم ان السالة
المستلمة لم ٌحدث لها اي تغٌٌر
* Global e-securirty:4th International conference, ICGe, 2008, edited by Hamid Jahankhani,
Kenneth Revett, Dominic Palmer-Brown - 2008 - Business & Economics - 310 pages.
PalGov © 2011 19
- 20. Digital Signature
• A digital certificate contains the digital
signature of the certificate-issuing
authority so that anyone can verify that
the certificate is real.*
• الشهادة الرقمٌة تحتوي على التوقٌع الرقمً للجهة
المصدرة بحٌث ٌستطٌع اٌا كان التحقق من ان الشهادة
اصلٌة
* Ran Canetti: Universally Composable Signature, Certification, and
Authentication
PalGov © 2011 20
- 21. Digital Certificate
Digital Certificate:
Digital Certificate provides a means of proving one’s
identity in electronic transactions.
A Digital Certificate is issued by a Certification Authority
(CA) and signed with the CA's private key.
Normally it contains:
• Owner's public key
• Owner's name
• Expiration date of the public key
• Name of the issuer (the CA that issued the Digital
Certificate)
• Serial number of the Digital Certificate
• Digital signature of the issuer
PalGov © 2011 21
- 22. Digital Signature
• Digital signatures: التوقيعات الرقمية
- Cannot be sent by itself الٌمكن ارساله لوحده
- Identifies the signatory تحدد هوٌة المرسل
- Easily transportable, ٌمكن نقله بسهولة
- Cannot be forged, ال ٌمكن تزوٌره
- Can be automatically time-stamped.
ًٌمكن اعطاؤه خاتما للزمن بشكل اوتوماتٌك
PalGov © 2011 22
- 23. How it works
• Send a document from A to B by e-mail:
- “A” writes document in his email
- By using special software, “A”, gets a
message hash, which can be thought of
as message summary
- “A”, uses private key to encrypt the hash
- This encrypted hash is the digital
signature of this document
PalGov © 2011 23
- 24. How it works
• Send a document from A to B by e-mail:
- “B” receives the document by his email
- “B”, makes a hash of the message
- “B”, uses the public key provided to him by
“A” to decrypt the hash
- If the hashes match the message and
identity of “A” are verified
PalGov © 2011 24
- 25. Digital Signature Standard (DSS)
• Digital Signature Standard (DSS):*
- is a digital signature algorithm (DSA), that
calculates two large numbers within
parameters to authenticate e-documents
- Developed by U.S. National Security
Agency (NSA) in 1994
- It has become the US government standard
for authentication of electronic documents.
* Recommendation for Key Management -- Part 1: general, NIST Special Publication 800-57, p. 62–63
PalGov © 2011 25
- 26. References
• Recommendation for Key Management -- Part 1: general, NIST
Special Publication 800-57, p. 62–63
• Ran Canetti: Universally Composable Signature, Certification, and
Authentication
PalGov © 2011 26