ELECTRONIC SEALING FOR ELECTRONIC TRANSACTIONS

摘要

A sealing method and system based on any data originator authentication mechanism involves an originator (10) which represents the entity requiring the data to be sealed and to have itself identified as the originator of the sealed data. The relying party (12) is an entity requiring to use the sealed data as proof relating to a transaction. The seal provider (14) is an entity trusted to provide seals by the originator and relying parties. The procedure for creating a seal is as follows: the originator creates a hash value or other one-way representation of the data to be sealed. The originator then sends the hash value with a seal request through a secure channel which authenticates the originator to the seal provider and ensures the integrity of the request. The seal provider then determines if the authentication of the request is correct and, if so, creates a seal which contains an identifier for the originator, the time of the request, the hash value and a digital signature or other similar mechanism which authenticates the data unit as coming from the seal provider. The preferred form of digital signature is one using public key cryptography such as specified in ITU-TX.509 or Internet RFC 2560.