Assessment of Redactable Signature Schemes for Trusted and Reliable Public Sector Data
Klaus Stranacher 1, Vesna Krnjic 1, Bernd Zwattendorfer 1 and Thomas Zefferer 2
1 E‐Government Innovation Center (EGIZ) 1, Graz University of Technology, Austria
2 Secure Information Technology Center (A‐SIT), Austria
Klaus.Stranacher@egiz.gv.at, Vesna.Krnjic@egiz.gv.at, Bernd.Zwattendorfer@egiz.gv.at, Thomas.Zefferer@a-sit.at
Abstract: Due to the increased application of information and communication technologies in the public sector, the amount of data being produced and processed by the public sector has been constantly growing during the past years. As these data can also be useful for the general public and the corporate sector, current initiatives attempt to make these data publicly available. Recent work on this topic has shown that publishing of public sector data potentially raises several issues regarding data integrity and authenticity. These issues render the implementation of solutions based on trusted and reliable public sector data difficult. However, recent work has proposed electronic signatures in general and redactable electronic signatures in particular as adequate means to address these issues. While a variety of redactable signature schemes has been introduced in literature, their capabilities to assure the integrity and authenticity of published public sector data have not been assessed so far. This renders a concrete implementation of solutions based on redactable signatures impossible. To overcome this problem, this paper first identifies and discusses legal, organisational, and technical requirements that need to be met by redactable signature schemes when applied to public sector data to be published. Afterwards, different existing redactable signature schemes are examined and discussed in more detail. Based on the previously identified requirements, the different redactable signature schemes are then assessed in detail. The conducted assessment reveals that sanitizable signature schemes, which represent a subset of redactable signature schemes, are especially suited to meet the predefined requirements. Among the wide set of existing sanitizable signature schemes, the conducted survey has revealed two concrete schemes to be best suited to assure the integrity and authenticity of public sector data to be published.
The results obtained from the conducted survey will serve as input and basis for the implementation of solutions based on trusted and reliable public sector data.
Keywords: e‐government, redactable signatures, sanitizable signatures, public sector data
1. Introduction
The public sector produces, collects, processes, and provides large amounts of electronic data. These public sector data can also be of interest for the general public as well as for the corporate sector. In the area of e‐Government, two main approaches have evolved to take up the challenge of providing public sector data. The Open Government Data (OGD) initiative is based on the concept of open data and claims that data should be freely available for everyone’s use. In addition, the EU Directive on the re‐use of public sector information (PSI Directive) (European Union, 2003) defines a legal framework for the provision of public data within the European Union.
Both approaches define partly different requirements for applications dealing with OGD and PSI related data. Surprisingly, security related aspects such as data integrity or authenticity of data are not part of these requirements. To bridge this gap, supplementary security requirements have been defined in literature recently (Stranacher et al., 2013). In this work, the authors have also proposed a concept to meet these additional requirements in practice. The proposed concept employs electronic signatures to allow for the realization of trusted and reliable public sector data. Furthermore, the proposed concept also includes a mechanism to assure the integrity and authenticity of data even if these data need to be redacted. For instance, a redaction can be necessary if the data contain security‐sensitive or individual‐related information. For such scenarios Stranacher et al. (2013) propose the use of redactable signature schemes, which allow third parties (redactors) to modify signed data without invalidating the original signature. Redactable signature schemes have already proven their usefulness in different fields of application. During the past years, especially the e‐Health sector has turned out to be predestined for an application of redactable signature schemes (Bauer et al., 2009) (Slamanig and Rass, 2010). So far, several different redactable signature schemes have been proposed and discussed in literature. These schemes differ in various fundamental properties, such
1 EGIZ is a joint initiative of the Austrian Federal Chancellery and the Graz University of Technology