The Covid-19 pandemic has had a major impact on all of our work environments, with that change here to stay. The days of every employee coming to work in the office are giving way to many employees working remotely from home more of the time, carrying out their work online.
With such a fundamental business environment change, the practice of stamping seals on paper documents has inevitably given way to using digital signatures for business data. This reliance on digital data, however, introduces other issues such as the ease of with which data can be manipulated and falsified, as well the difficulty for the recipient to confirm its authenticity. Business email fraud is already a fact, underlining the dangers of these problems.
To combat this, we need a mechanism for ensuring the authenticity of the data, capable of both guaranteeing the data source and proving that it has not been tampered with. While digital signature technology has existed for some time, it does not provide a satisfactory solution on its own, as Yosuke Nakamura from the Data & Security Laboratory explains.
"Digital signatures are difficult to manage, requiring a combination of skill and literacy. To reduce the burden of managing digital signatures, we have seen the emergence of cloud-based signature services, but these services require special operations such as logging into the cloud service, uploading the data to be signed, and then indicating the intention to sign on the cloud service. All of these operations increase the user workload, so we decided to try and find a way of improving the convenience of digital signatures, which in turn would help promote their use. "
At the Fujitsu Data & Security Laboratory, the team has been working on the development of a new digital trust management technology that is both secure and convenient. The ultimate goal is to promote Trust as a Service (TaaS), which allows anyone easily to handle digital trust management technology as a service without the need for any complicated operations. Yosuke continues:
"More and more companies are using cloud services today, and it is clear that we need new business and cross-industry models to connect customers from different industries and organizations in the cloud. Fujitsu’s approach involves developing digital trust management technology for data access operation on cloud services. One of its components is "Transparent Trust-Ensuring Technology". By automatically detecting user operations on files through cloud services, digital signatures can be automatically added to files without any need for user intervention. "
Another factor is that, in many companies, files are not manipulated by a single user, but require a process of data verification and revisions involving multiple people. This is something the project team took into account when developing TaaS. Yosuke explains:
“We have also developed a "Process Assurance Technology " that visualizes the data generation process and ensures that the authenticity business process is confirmed. With this technology, whenever a user creates or approves data according to a pre-defined business process, the digital signatures of both the user and approver are automatically associated in the data. By managing business processes with the authenticity embedded in the data itself, we can complete cross-organizational business workflows without relying on cloud services, while ensuring and confirming the authenticity of the processes.”
We are steadily working towards the practical application of technologies that guarantee the authenticity and reliability of digital data. For more than 20 years, Fujitsu has been engaged in the research and development of digital signature and encryption technologies. At the same time, Fujitsu, as a manufacturer of PCs and smartphones, has also been focusing on the research and development of "human-centric computing" to create a human-centered computing environment to improve user convenience. In order to develop new digital trust management technologies that are both safe and convenient, the engineers behind this R&D joined forces in 2019 to start a new project. Yosuke explains the background:
"At the Davos Forum in January 2019, the former Prime Minister of Japan, Shinzo Abe, highlighted the importance of DFFT (Data Free Flow with Trust). This prompted a period of intensive research and development into digital trust technology to handle digital data securely in Japan. Fujitsu created a team of researchers with diverse areas of expertise to research and develop new digital trust management technology. The project’s scope was for a truly global development, using the eIDAS (electronic Identification and Authentication Services) regulations as its basis, which ensure the trust of data distributed among European countries, and enable mutually secure electronic transactions.”
TaaS aims to build and provide a digital trust management infrastructure cloud service. It is a service that can be used in combination with various cloud services without changing the user interface, in order to create an approval process that ensures the authenticity of data.
Even if different organizations cloud services are used, by using TaaS as an intermediary, the origin of the data is guaranteed, and the recipient of the data can confirm the authenticity of the data. In addition, since it is based on digital signature technology, which is effective in preventing identity fraud, it is also equally effective in dealing with security risks such as business email fraud that may be hidden within business environments.
The project was launched in 2019 with a small team of only four engineers. Now, two years later, we have about 30 engineers working on the research and development of new digital trust management technologies under TaaS. Fujitsu is also actively involved in the Japan Digital Trust Forum, which was established in August 2020 to study systems and architectures for creating a secure digital society and to make recommendations to relevant organizations.
Yosuke Nakamura, who was one of the project’s pioneers, was originally in charge of human-centric computing technology, elaborating:
"For many years, I was doing R&D on how to make computers easier to use. This technology is essential for transparent trust-granting technology, which is what makes digital signatures more convenient for users. In order to keep improving this, it is essential to automate the process so that it can be carried out with as little human intervention as possible. However, at the same time, it is necessary to create a situation where only the person themselves can indicate their intention to sign, and to grant the signature in a legal manner. We are working on a user interface that is easy to use, while looking for the best balance in the quest between how much to automate and where to require the person to indicate their intention.”
Rikuhiro Kojima of the Data & Security Laboratory has also been a member of the project since its inception in 2019. As a student, he studied cryptograph and is now applying his signature and encryption technologies’ expertise to the project. Rikuhiro explains:
"When I first joined the project, the specific direction was yet to be decided and so I had the freedom to think about the overall theme. My activity initially revolved around R&D for new signature schemes, technical consulting on overall signature technology, online conference presentations, and the promotion of industry-academia-government collaboration. In addition, I was writing English papers and submitting them to international conferences and journals to present my research to the global community.”
Overall, Fujitsu has a diverse team of experts with a wealth of experience, including engineers specializing in cloud system infrastructure to provide TaaS, and security experts in charge of analyzing security risks and threats.
Yosuke concludes: "In order to develop the existing digital signature technology to meet current as well as future demands, we need to develop new thinking and ideas. Our plan is to bring in more engineers from a diverse skillset, who can develop new ways of thinking and research new avenues from the user's perspective.”
Fujitsu is progressing its research into the practical application of TaaS as a priority. But we also recognize that for TaaS to be applied for global business applications, and to be deployed as the key infrastructure to support the trust of the entire digital society, we need to work in collaboration that extends beyond the expertise of just Fujitsu. We believe that TasS has the potential to form a pivotal part of the future social infrastructure. With that aim in mind, Fujitsu will continue to work on TaaS to enable the creation of cross-industry business models, not only through the development of highly flexible and convenient technologies, but also through collaboration activities with external expert resources from around the world.