Digital Signature with RSA Public Key Cryptography for Data Integrity in SOSE-Based E-Government Systems

Purpose: SOSE is a novel software paradigm suitable for development of flexible, loose-coupled and end-to-end E-government system. However, the use of this innovation for E-government system is dwindled by security challenge. Apparently, the TLS (transport layer security) solution traditionally applied to protect SOSE-based E-government systems is inadequate since it can only secure point-to-point channels of communicating. Whereas, an end-to-end security protection is necessary to adequately protect SOSE-based applications.

Design/Methodology/Approach: Consequently, this paper proposed use of Digital Signature by RSA (Rivest-Shamir-Adleman) public key cryptographic algorithm at the message level to achieve data integrity in SOSE-based E-government system.

Findings/Result: The SOAP message content shows adequate formulation of digital signature with appropriate indicators of RSA public key to ensure data integrity. The SOAP message shows that SignedInfo, Signature Value and KeyInfo were formulated correctly. The SignedInfo contains Canonicalization Method, Signature Method and Reference subelements. Also, SignatureValue element has encrypted digest and the KeyInfo element has security token reference.

Originality/Value: This security solution integrates many technologies including OASIS’s web service security standard and W3C’s (World Wide Web Consortium) XML digital signature into SOAP envelope to ensure data integrity for E-government system at the message level.

Paper Type: Applied Research.