<< Click to Display Table of Contents >> Navigation: DOI System Overview > Benefits of the DOI System > Protected and Trusted Information |
The Handle System - which is used for identification and resolution of DOI names - provides client and server authentication, data confidentiality and integrity, and non-repudiation based on Public Key Infrastructure (PKI):
•Any exchanged information between a client and a server of the Handle System can be encrypted using a session key.
•To ensure non-repudiation, clients may request digitally signed responses from any server.
•User access control is supported at DOI record and record element levels.
Resolution requests for confidential data, as well as any administration requests (for example, creating or modifying a DOI record) require authentication of the user for proper authorization.
•The integrity of a DOI record's data is ensured by signing the DOI record.
The digital signature is stored in the DOI record itself and can be validated through a chain of trust.