A Secure electronic document management system using public key encryption: a case of Strathmore University

Abstract

The need to safeguard and ensure the authenticity of academic records is paramount for any reputable educational institution. As institutions are moving into the digital era, more and more documents are being stored in digital form. This comes with its own challenges and is compounded by the fact that computer files can be modified without leaving any trace, and one cannot tell the difference between the copy and the original. Hence, the need to employ security measures, such as cryptographic techniques to ensure the integrity of digital documents. Paper documents have been used as backups of academic information store in academic management systems, these are difficult to manage and entail a great deal of manpower to maintain. Besides, they also require large storage facilities. The volumes of the paper documents have increased over the years and this has necessitated the search for a better way of managing them. A lot of effort has gone into research of verification of academic certificates, while little has been done ensuring that accurate grade information maintained in academic management systems. Strict procedures must be put in place to ensure there is not tampering of the grade information in the academic management systems. In this regard, a secure document management system using public key encryption can provide a solution for storage and security of digital documents. In this research, we explored how these systems can be used to protect the integrity of digital documents. This research proposes the use of a secure document management system using public key encryption that will facilitate the digital signing and storage of the digital documents. To implement the model, we developed a system that manages user rights and enables authorized users to use a public certificate to embed a digital signature on digital documents. The system was implemented using a document management system with an additional module for digital signing. Private keys and digital certificates were generated for each of the authorized user and uploaded to the system using each user’s credentials. To apply their digital signatures, the users’ must input a password to complete the process, thereby providing an addition layer of security. The system was tested for functionality, usability and effectiveness in managing digital documents and from the test results it shows that the system can be relied upon to securely and efficiently manage digital documents.