Tactical Advice

Data Must Be Tamper-Proof for the Paperless Future to Work

The combination of PKI and KSI allows businesses to ensure data authentication.
Data Must be Tamper-Proof for the Paperless Future to Work
Credit: Hemera/ThinkStockPhotos

The benefits of a move to digital documents from physical paper include reduced costs, improved efficiency and instant access to documents. But the path to paper’s dematerialization is not without its twists and turns.

If we are to achieve a paperless future, then we need secure and scalable methods of data authentication.

The paperless office may still be in the future for some organizations, but the financial services and insurance industries have embraced the idea.

The Depository Trust & Clearing Corporation (DTCC) is attempting the “full dematerialization of U.S. financial markets” by 2015, according to a recent DTCC press release. Stocks and mutual funds have made the transition to dematerialized form, and insurance policies will follow under the supervision of the Insurance Regulatory and Development Authority (IRDA).

The old system was simply becoming unworkable logistically. A paperwork crisis was creating catastrophic inefficiencies and negatively impacting the bottom line. Digitization enables compliance and reduces cost and increases convenience on all sides. Reducing paperwork speeds up the average transaction and makes the process more accessible.

By cutting paper out of our lives, the risk of loss, theft, damage and forgery of physical documents is eliminated in one fell swoop.

What Is Preventing Dematerialization?

With so many clear benefits to the process, why aren’t we seeing greater adoption? What are the barriers to the paperless future that so many think is inevitable? When we look beyond general institutional resistance to change, security and data authenticity top the list of concerns. While physical files can be locked in an office or even a vault, the digital world is an entirely different animal.

How do organizations securely store documents, and how is the authenticity of the data guaranteed?

Digital copies are cheap and easy to make, but they are also easy to manipulate. A tamper-proof method of digitally signing documents is required. It should be possible to verify the signature, establish when the document was signed and verify that the data is exactly the same as it was when the document was originally created. Cryptographic algorithms can establish a high level of security, but they are expensive and difficult to scale.

The Limits of PKI

Public key infrastructure (PKI) relies on a mixed bag of public and private keys to authenticate users and encrypt data. Digital certificates identify organizations, directories must be kept concise and up to date, certificate and registration authorities are required and the whole system must be managed. It is expensive and scaling up can be complex.

On a large scale, PKI can lead to major bumps in network traffic, and encrypted data can wreak havoc on existing security software and systems. PKI requires centralized directories with unique and accurate records for every entry. There are also issues with how effectively and quickly revocation is dealt with when problems arise.

Going Keyless

Keyless signature infrastructure (KSI) can solve many of the problems with PKI, and it can also integrate with PKI to provide the best of both worlds. With KSI, cryptographic keys aren’t required to verify signatures. It uses hash function based on cryptography, and the tools required are published publicly. Therefore, anyone can verify signatures to establish the date, time and signing entity and prove that the data is intact.

Data can be authenticated without using a third party, making the process highly scalable. Large volumes of data can be processed more effectively when organizations are freed from the complexities of PKI and key management.

A Paperless Future Is Achievable

The paperless office will save resources, money and time. Beyond that, it allows businesses to more smoothly and accessibly exchange information. By tapping into the combination of PKI and KSI, businesses can deliver truly secure data authentication while effectively bypassing the main obstacles to dematerialization.

Sign up for our e-newsletter

About the Author

Mike Gault

Mike Gault is CEO of Guardtime, a developer of digital signatures that algorithmically prove the time, origin and integrity of electronic data. You can reach him at Mike.Gault@guardtime.com.

Security

Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.