Implementation of Digital Signature-Based Security in Big Data Management
A digital signature is a technique used to validate the authentication and integrity of a message, software, and digital document by using certain algorithms like Diffie- Hellman key exchange algorithm, etc. Similar to the digital equivalent of a handwritten signature or stamped seal, a digital signature offers far more inherent security, and it is intended to solve the problem of tampering and impersonation in digital communications. Digital signatures also provide the assurance, by validating the sender. In many countries, digital signatures are considered legally binding in the same way as traditional document signatures.
Digital signatures are based on public-key cryptography technique, also known as asymmetric cryptography. Applying a public key algorithm, such as RSA, one can generate two keys that are mathematically linked: one private key and one public key .
Digital signatures work because public key cryptography depends on two mutually authenticating cryptographic keys that are validated before decrypting. The person who is creating the digital signature uses their own private key to encrypt signature-related data; the only way to decrypt that data is with the sender’s public key. This is how digital signatures are authenticated.
Public Key Infrastructure (PKI) for Big Data Security
A PKI is a system in which we can trust the third-party user to identity inspection and assurance which is done basically by a certificate authority with the use of cryptography involving private and public keys. A typical PKI system consists of the following:
- • Client software system
- • Certificate authority server
- • May involve a few smart cards
- • Operational methods
Public key cryptography is an advance field in IT security that enables the trade-off between entities that are confidential in an open network. Public key cryptography enables the protection techniques that don’t exist in the traditional cryptography, importantly in the digital signature.
The public key cryptography consists of a public and a private key but does not require a confidential exchange of secret keys. Public key cryptography still is of vital importance as the public key is verifiably authentic, and the private key remains private. This is known as public key infrastructure (PKI), which manages the key pairs [16,17].
Authentication of Public Key Infrastructure
Firstly, the certificate authority will check the user, different certificate authorities have different identity validation process. The certificate authority acts as a trustee as well as is an independent provider of digital certificate. In this scenario, some of them may grant access to users because of a digital certificate, which will contain only the name and email address. While the certificate authority users can include personal interviews, background checks, etc. If the user is granted a digital certificate, then they will have two components, i.e., private key and public key.
FIGURE 5.9 PKI model.
For example, the user wishes to send an email to his business associates and wants to sign digitally the email with his private key. After signing the email,the user sends it to his business associates. Then the business associate will decrypt the email from the user’s public key. This example of digital certificate provides secret information that can be shared with user authentication, without exchange the secret key in advance. The PKI is also used in medical application systems (Figure 5.9).
Uses of PKI
Public Key Infrastructure (PKI) is a system designed to manage the creation, distribution, identification, and revocation of public keys. The uses of PKI are listed below.
Encryption or sender’s authentication of an email message and other documents
- • Authentication of users to applications like for SMART CARD login system
- • Bootstrapping that enables secured communication with some protocols, such as internet key exchange
Integrated security infrastructure for encryption, digital signature, and Certificate authority:
A PKI maintains a trustworthy networking environment, established by providing keys and certificate management services that enable encryption and digital signature capacity in many applications. It is very transparent in the platforms and is easy to use. By managing the full life cycle of digital certificate- based identities and encryption that enables PKI to entrust authority, digital signature, and certificate authentication have capabilities to be consistent and transparent. Adding more security management skills like self-registration, selfrecovery or inventory of digital identities and PIN authentication, the platforms are more secured.
The main advantage of public-key cryptography is to increase security and convenience and the public key system is to provide a method of a digital signature. It is a trust-based system that enables its customers to depend upon. There is no limit to access the PKI, and users can maintain their own certificates and authentication involving the exchange of data between client and server only. It enables that no third party can intervene in the system.