{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:01:37Z","timestamp":1754157697921,"version":"3.41.2"},"reference-count":14,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2005,9,1]],"date-time":"2005-09-01T00:00:00Z","timestamp":1125532800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005,9,1]]},"abstract":"Purpose<\/jats:title>Aims to address some of the problems that arise when signing digital documents that contain dynamic content.<\/jats:p><\/jats:sec>Design\/methodology\/approach<\/jats:title>Briefly introduces the problem of signing digital documents with dynamic content and discusses possible locations for signature functionality in a computer system. Outlines existing solutions to the problems and introduces a novel solution. Finally, discusses issues and unresolved problems.<\/jats:p><\/jats:sec>Findings<\/jats:title>The suggested solution requires all document handling applications to possess application awareness of the digital signature program in order to function properly. Every application must implement a COM interface and register itself in the Registry, in a locale specific to the digital signature program to sign the digital document.<\/jats:p><\/jats:sec>Originality\/value<\/jats:title>Provides a new solution to the problem of digitally signing a digital document.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685220510614443","type":"journal-article","created":{"date-parts":[[2005,8,31]],"date-time":"2005-08-31T20:09:33Z","timestamp":1125518973000},"page":"328-336","source":"Crossref","is-referenced-by-count":11,"title":["Dynamic content attacks on digital signatures"],"prefix":"10.1108","volume":"13","author":[{"given":"Adil","family":"Alsaid","sequence":"first","affiliation":[]},{"given":"Chris J.","family":"Mitchell","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022021120125792600_b1","unstructured":"Balacheff, B., Chen, L., Pearson, S., Plaquin, D. and Proudler, G. (2003), Trusted Computing Platforms: TCPA Technology in Context, Prentice\u2010Hall PTR, Upper Saddle River, NJ."},{"key":"key2022021120125792600_b2","unstructured":"Box, D. (1998), Essential COM, Addison\u2010Wesley, Boston, MA."},{"key":"key2022021120125792600_b3","doi-asserted-by":"crossref","unstructured":"Eastlake, D., Reagle, J. and Solo, D. (2002), \u201cRFC 3075: (extensible markup language) XML\u2010signature syntax and processing\u201d, available at: www.faqs.org\/rfos\/rfc3275.html.","DOI":"10.17487\/rfc3275"},{"key":"key2022021120125792600_b4","doi-asserted-by":"crossref","unstructured":"England, P., Lampson, B., Manferdelli, J., Peinado, M. and Willman, B. (2003), \u201cA trusted open platform\u201d, IEEE Computer, Vol. 36 No. 7, pp. 55\u201062.","DOI":"10.1109\/MC.2003.1212691"},{"key":"key2022021120125792600_b5","unstructured":"J\u00f8sang, A., Povey, D. and Ho, A. (2002), \u201cWhat you see is not always what you sign\u201d, The Proceedings of the Australian UNIX User Group, Melbourne."},{"key":"key2022021120125792600_b6","doi-asserted-by":"crossref","unstructured":"Kain, K., Smith, S.W. and Asokan, R. (2002), \u201cDigital signatures and electronic documents: a cautionary tale\u201d, in Jerman\u2010Blazic, B. and Klobucar, T. (Eds), Advanced Communications and Multimedia Security, IFIP TC6\/TC11 Sixth Joint Working Conference on Communications and Multimedia Security, IFIP Conference Proceedings, 26\u201027 September 2002, Portoroz, Vol. 228, Kluwer, Boston, MA, pp. 293\u2010308.","DOI":"10.1007\/978-0-387-35612-9_22"},{"key":"key2022021120125792600_b8","unstructured":"Menezes, A., van Oorschot, P.C. and Vanstone, S.A. (1997), Handbook of Applied Cryptography, CRC Press, Boca Raton, FL."},{"key":"key2022021120125792600_b9","unstructured":"National Institute of Standards and Technology (2000), FIPS PUB 186\u20102: Digital Signature Standard (DSS), National Institute for Standards and Technology, Gaithersburg, MD, available at: www.itl.nist.gov\/fipspubs\/fip186\u20102.pdf."},{"key":"key2022021120125792600_b10","doi-asserted-by":"crossref","unstructured":"Scheibelhofer, K. (2001), \u201cSigning XML documents and the concept of \u2018what you see is what you sign\u2019\u201d, Master's thesis, Institute for Applied Information Processing and Communications, Graz University of Technology, Graz.","DOI":"10.1007\/978-0-387-35413-2_1"},{"key":"key2022021120125792600_b11","unstructured":"Spalka, A., Cremers, A.B. and Langweg, H. (2001a), \u201cThe fairy tale of \u2018what you see is what you sign\u2019 \u2013 Trojan horse attacks on software for digital signature\u201d, in Fischer\u2010H\u00fcbner, S., Olejar, D. and Rannenberg, K. (Eds), Proceedings of the IFIP WG 9.6\/11.7 Working Conference, Security and Control of IT in Society\u2010II (SCITS\u2010II), Bratislava."},{"key":"key2022021120125792600_b12","doi-asserted-by":"crossref","unstructured":"Spalka, A., Cremers, A.B. and Langweg, H. (2001b), \u201cProtecting the creation of digital signatures with trusted computing platform technology against attacks by Trojan horse programs\u201d, in Dupuy, M. and Paradinas, P. (Eds), Proceedings of the IFIP SEC 2001, Kluwer, Boston, MA, pp. 403\u201020.","DOI":"10.1007\/0-306-46998-7_28"},{"key":"key2022021120125792600_b7","unstructured":"USDTS Marketing (2003), \u201cWYSIWYS what you see is what you sign\u201d, available at: www.utimaco.de\/eng\/content_pdf\/wysiwys.pdf."},{"key":"key2022021120125792600_b13","unstructured":"W3C (2003), \u201cExtensible markup language (XML)\u201d, available at: www.w3.org\/XML."},{"key":"key2022021120125792600_b14","doi-asserted-by":"crossref","unstructured":"Weber, A. (1998), \u201cSee what you sign: secure implementations of digital signatures\u201d, in Trigila, S., Mullery, A.P., Campolargo, M., Vanderstraeten, H. and Mampaey, M. (Eds), Intelligence in Services and Networks: Technology for Ubiquitous Telecom Services, Proceedings of the 5th International Conference on Intelligence and Services in Networks: IS&N'98, Vol. 1430, Lecture Notes in Computer Science, Antwerp, 25\u201028 May 1998, Springer\u2010Verlag, Berlin, pp. 509\u201020.","DOI":"10.1007\/BFb0056995"}],"container-title":["Information Management & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685220510614443","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220510614443\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220510614443\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:08:55Z","timestamp":1753402135000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/13\/4\/328-336\/171328"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,9,1]]},"references-count":14,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2005,9,1]]}},"alternative-id":["10.1108\/09685220510614443"],"URL":"https:\/\/doi.org\/10.1108\/09685220510614443","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2005,9,1]]}}}