Data Security solutions for software developers
Digital security of data is often needed in several cases:
- to prove authorship and integrity of document or data using digital signature in order to conform to governmental, industry or corporate requirements,
- to protect a document or data from unauthorized access by encrypting them for data transfer or for further storage
Let us review these tasks in detail:
Proving data authorship and integrity using digital signing and timestamping
Digital signing is used to identify creator or author of a document or data, as well as a person who authorized their distribution. It also protects data against modification during delivery to recipient or readers.
Digital signing requires use of public key technology such as PKI certificates or OpenPGP. Both are supported by SecureBlackbox. If you have binary data or a document in some custom format, PKI or OpenPGP can be used directly. If your document is in PDF or XML format -- IT industry offers specialized standards for signing them. SecureBlackbox has components for signing XML and PDF documents as well. PDF signing is based on digital certificates while XML lets you use certificates or OpenPGP keys.
Signing would not be enough without timestamping the signature. SecureBlackbox is the only digital signature component to include timestamping - a vital part of signing.
Protection of documents or data by encryption
Encryption ensures that data can be encrypted only by those who have the decryption key. This can be either a symmetric key used for encryption, or a private key of a keypair (in public key encryption). SecureBlackbox offers both symmetric encryption and public key encryption, but focuses on public key encryption, which, for certain reasons, became more popular and more widely used industry standard.
As with digital signing, SecureBlackbox offers PKI and OpenPGP encryption of any data, and also supports encryption schemas defined in the standards for PDF and XML documents.
PKI offers public key encryption only, while OpenPGP also supports encryption using symmetric keys (passwords or paraphrases). PDF lets you encrypt a document with certificate or with a password. XML encryption can use certificate, OpenPGP key or symmetric key (password or passphrase).
You can add PKI encryption, signing, timestamping and certificate generation features to your application using PKIBlackbox package of SecureBlackbox for Developers product.
For OpenPGP functions (encryption, signing, compression, key generation and management) you need OpenPGPBlackbox package.
SecureBlackbox supports PDF security operations in its PDFBlackbox package. You can use any PDF generator tool or component to create and manage your PDF documents and PDFBlackbox will encrypt or sign these documents.
For XML security operations SecureBlackbox offers complete set of components in XMLBlackbox package. These components will let you parse and assemble XML documents, perform transformations, use XPath to choose XML elements, and finally apply security operations, such as encryption, digital signing, decryption and validation of the digital signature. In addition to this, XMLBlackbox supports XAdES standard for digital timestamping and archiving of XML documents.