Maintaining Integrity and Non-Repudiation in Secure Offline Documents

Abstract

Securing sensitive digital documents (such as health records, legal reports, government documents, and financial assets) is a critical and challenging task. Unreliable Internet connections, viruses, and compromised file storage systems impose a significant risk on such documents and can compromise their integrity especially when shared across domains while they are shared in offline fashion. In this paper, we present a new framework for maintaining integrity in offline documents and provide a non-repudiation security feature without relying on a central repository of certificates. This framework has been implemented as a plug-in for the Microsoft Word application. It is portable because the plug-in is attached to the document itself and it is scalable because there are no fixed limits on the numbers of users who can collaborate in producing the document. Our framework provides integrity and non-repudiation guarantees for each change in the document's version history.