Hello everyone! In this video we will show you one of the results
of Safelayer’s research activities: the Semantic Digital Signature.
This video focuses on a particular use case where the
semantic digital signature is used to sign a résumé, also
known as CV, after curriculum vitae, in order to guarantee
the document’s integrity as well as its source.
Since 2002, the World Wide Web Consortium has been working
on standards for the new web generation, the Semantic Web.
The main Semantic Web standards are RDF, after Resource Description
Framework, and OWL, after Web Ontology Language, both based on XML.
So, in the beginning, we had XML, the eXtensible Markup Language, which was
a first step to easily tag information and include metadata in documents.
For example, with this piece of XML we could describe some
identity attributes of a person identified as “John”.
In particular, we could use a few simple XML tags
to include his full name and his birth date.
Resource Description Framework is an evolution of XML
and is based on the idea of making statements
about resources following a triple structure:
a subject has got a property that takes some value.
So, after the example shown here, we could say that:
“John is a person” and “John’s name is John Smith”.
In fact, the main goal of these new semantic standards is to provide a better way to
describe and model information, and help build vocabularies, the so-called ontologies,
which can be used to write semantic information that can be later automatically processed
by machines and also better understood by humans compared with traditional XML.
Following RDF and with the purpose of providing a language to
describe ontologies emerges OWL, the Web Ontology Language.
OWL allows us to describe vocabularies better,
establishing richer relationships and properties.
In this example, OWL would help us to declare a simple
ontology where we would restrict the properties that the class
Person may have (such as a name, a date of birth, a city of birth
and so on), as well as the datatypes of these properties.
Therefore, with OWL we may state what the
concept “Person” means in a very accurate way.
Among all these vocabularies, one of the most popular is FOAF, the Friend
Of A Friend Ontology, which is used to describe information about a person.
FOAF was created to describe friendship relationships, that’s why it has become
a very useful vocabulary now that social network applications are so popular.
With FOAF we can describe a person, and as it is a
very open ontology, we can include as many other
vocabularies as we wish in order to describe any
other different aspects of his or her life.
For example, we could include his professional career
with the DOAC ontology.
An example of a FOAF document could then be a résumé that would
describe job experiences, skills and education, among others.
So, here we have John who is writing his résumé.
And now he wants to sign it in order to provide it
with some integrity and authenticity.
Integrity is the property that allows one to check that
the document has not been modified after it was
signed, and authenticity is the property that allows
one to verify who the author of the document was.
In order to sign his résumé, John can use
the traditional digital signature.
To sign his résumé, John can choose any digital signature
application such as Safelayer’s OpenSignX or KeyOne Desktop.
However, the traditional digital signature has some limitations.
If John updates the document or adds new pieces of information in it,
the signature loses all its value and will no longer be valid.
For instance, if he wants to add a new professional
experience, he will have to sign the whole document
again after making any modifications to it, regardless of
the importance and the extent of the modification.
Moreover, when it comes to trust, the trustworthiness of the information
stated in the document equals the same trust you put in John.
That is to say, you trust in the whole content
of the document as long as you trust John.
At Safelayer we have designed the Semantic Digital Signature, a new type of digital
signature based on Semantic Web Standards,
specially designed to solve the previous issues.
In this case the digital signature is expressed in the RDF standard, and
not in a simple XML format like traditional XML digital signature.
Our Semantic Signature implementation works as follows.
As in traditional digital signature,
John writes his résumé.
The information in the document is diverse, and among others, we can find personal
information, information about his education or his job experiences and interests.
The idea behind the semantic signature is that these bits of information contained
in the document can be signed by the different third parties which are
accountable for them, that is to say, the information will not be signed
directly by John, but by some organizations who can endorse that information.
The final objective is that people who read John’s résumé are able
to check that the information is trustworthy, beyond John’s word.
So, for instance, John’s résumé contains his complete name, his id
number and his address, and this information can be endorsed by a
Public Administration that has this information on its records and
therefore can state that the information is true with a signature.
Another section of John’s résumé is Education.
John's attendance at high school or university can be certified by these educational
institutions, who will sign the bits of information related to John’s education.
In fact, this piece of signed information would have the same value as
the physical diploma given to John by the University when he graduated.
And that applies also to the organizations where
John has worked, and whose Human Resources Department
can confirm that John worked for them as well as the tasks he used to perform.
So, in the end, John can write his résumé, as he used to do,
but with Semantic Digital Signature, different third parties can
endorse the résumé’s content, resulting in a set of different
signatures, and turning the document into a trustworthy résumé.
This can be achieved because the Semantic Signature
is not static like the traditional digital signature,
in the sense that you can make some changes and still
not affect the integrity of the whole document.
As you are not signing an entire document, you don’t need to renew the signature
but instead you just have to sign the particular
bit of your résumé and add the new signature.
Technically, the document will be updated with a new set
of references in order to verify the new information.
Semantic signature also provides more trust to the information contained in the résumé
because each piece of information is signed by the entity who is accountable for it.
Feel free to try the Semantic Digital Signature
at sandbox.safelayer.com
An implementation of our Semantic Digital Signature is available
in the FOAF Manager and PKI Trust Center experimental applications.
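
The per-statement endorsement described in the video, as an added example that is not part of the video and is not Safelayer's implementation. It assumes a simplified N-Triples-like canonical form, a constructed `example.org` vocabulary and sample values, and uses HMAC with constructed keys as a stand-in for each endorser's public-key signature.

```python
import hashlib
import hmac
import json

FOAF = "http://xmlns.com/foaf/0.1/"
EX = "http://example.org/vocab#"          # constructed vocabulary for the demo
JOHN = "http://example.org/john#me"       # constructed subject URI

# Constructed keys. HMAC is only a stand-in for each endorser's public-key signature.
KEYS = {"public-administration": b"demo-admin-key", "university": b"demo-univ-key"}

def canonical(triples):
    """Sorted N-Triples-like lines, so statement order never changes the digest."""
    lines = sorted(f"<{s}> <{p}> {json.dumps(o)} ." for s, p, o in triples)
    return "\n".join(lines).encode()

def endorse(endorser, triples):
    """Detached endorsement that references only the statements it covers."""
    tag = hmac.new(KEYS[endorser], canonical(triples), hashlib.sha256).hexdigest()
    return {"endorser": endorser, "statements": sorted(triples), "tag": tag}

def verify(endorsement, document):
    """Valid if the tag matches and every referenced statement is still present."""
    stmts = endorsement["statements"]
    expected = hmac.new(KEYS[endorsement["endorser"]], canonical(stmts),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, endorsement["tag"]) and set(stmts) <= document

def demo():
    identity = [(JOHN, FOAF + "name", "John Smith"),
                (JOHN, EX + "birthDate", "1980-01-01")]
    education = [(JOHN, EX + "degreeFrom", "Example University")]
    document = set(identity + education)
    sigs = [endorse("public-administration", identity),
            endorse("university", education)]
    before = [verify(s, document) for s in sigs]
    # A new, not yet endorsed statement leaves the existing endorsements valid.
    document.add((JOHN, EX + "workedAt", "Example Corp"))
    after_add = [verify(s, document) for s in sigs]
    # Altering an endorsed statement breaks only the endorsement that covers it.
    document.remove(education[0])
    document.add((JOHN, EX + "degreeFrom", "Other University"))
    after_edit = [verify(s, document) for s in sigs]
    return before, after_add, after_edit

if __name__ == "__main__":
    print(demo())
```

A reader of the résumé treats statements with no valid endorsement, such as the newly added job, as John's own unverified claim until the employer adds its signature.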