Dawn M. Turner (guest)

Dawn M. Turner is a professional author with a passion for technical regulations and standards, as well as for their relevance and impact on corporate operations and industry in general. Dawn has more than 10 years of IT industry experience in hardware, programming, and systems and network engineering. Her educational background includes a certificate in computer operations and programming; CompTIA and Microsoft certifications, including A+, MCSE and MCP; an Associate's degree with a major in business and a minor in computer science; a Bachelor of Science degree with a major in business forensics and a minor in accounting; and an MBA with concentrations in finance and economics.

What Is An Electronic Signature Policy?

This article explains what an electronic signature policy is from the perspective of a CISO or other person required to maintain information security.


Whitfield Diffie: the well-deserved laureate of the 2015 Turing Award


On June 11, 2016, Whitfield Diffie, Technical Advisory Board member at Cryptomathic, and Martin E. Hellman, Professor Emeritus of Electrical Engineering at Stanford University, will be awarded the 2015 ACM A.M. Turing Award for their important contributions to modern cryptography. This was officially announced by the ACM, the Association for Computing Machinery, in honor of Alan M. Turing, the British mathematician whose contributions to cryptography helped during World War II with the Allied cryptanalysis of the German Enigma cipher. Recipients of this award receive a $1 million prize that is funded by Google, Inc. The prestigious Turing Award is often referred to as the “Nobel Prize of Computing.”


Key Management Interoperability Protocol (KMIP): achievements and challenges

The Key Management Interoperability Protocol standard is intended to provide interoperability across various key management environments and hence to reduce the costs and increase the efficiency of heterogeneous cryptographic applications.


The difference between an Electronic Signature and a Digital Signature


It is common to see people use the terms electronic signature and digital signature interchangeably. However, this is a misconception, because the two can differ, as can the processes by which they are generated and validated and their specific legal ramifications.


What is Key Management? A CISO Perspective

Key management refers to managing cryptographic keys within a cryptosystem. It deals with generating, exchanging, storing, using and replacing keys as needed at the user level.


Introduction into XAdES for Trust Service Providers

The term XAdES stands for XML Advanced Electronic Signatures, which specifies a set of extensions that are used with the W3C recommendation for XML Signature Syntax and Processing (XML-DSig). This document includes the final drafts for a revised framework by the European Telecommunications Standards Institute (02-2016).


Is the NIST Digital Signature Standard DSS legally binding?


Under the Computer Security Act of 1987, the National Institute of Standards and Technology (NIST) was authorized to approve standards and set guidelines to ensure the security and confidentiality of sensitive data that is processed on the government’s computer systems. In 1994, NIST adopted the Digital Signature Standard (DSS), FIPS 186, which specifies algorithms that are used in creating digital signatures. Currently, a revised DSS, FIPS 186-4, is awaiting its final release, and there is controversy regarding whether the DSS should be considered legally binding.


Introduction into CAdES for Trust Service Providers


The term CAdES stands for CMS Advanced Electronic Signatures. The Cryptographic Message Syntax (CMS) provides a framework for digitally signed documents, including PDF or emails. This article introduces the relevant signature policies associated with CAdES and takes a deeper look at the main formats and validation data.


Introduction into PAdES for Trust Service Providers



The term PAdES stands for PDF Advanced Electronic Signatures. It refers to a group of extensions and restrictions that are used with PDF and ISO 32000-1. They allow for advanced electronic signatures that adhere to the eIDAS Regulation, which has evolved from the European Union Directive 1999/93/EC.
