CN101079086A - Method for implementing electronic digital sealing system - Google Patents
Method for implementing electronic digital sealing system Download PDFInfo
- Publication number
- CN101079086A CN101079086A CNA2006100467368A CN200610046736A CN101079086A CN 101079086 A CN101079086 A CN 101079086A CN A2006100467368 A CNA2006100467368 A CN A2006100467368A CN 200610046736 A CN200610046736 A CN 200610046736A CN 101079086 A CN101079086 A CN 101079086A
- Authority
- CN
- China
- Prior art keywords
- hardware
- file
- signature
- bit stream
- software
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a method of achieving the electronic digital signature system in the information system safety special technique field. The method with the association of the software and the hardware achieves the electronic digital signature system, wherein the calculation of all the digital signatures and all the signature checks is made in the hardware printing circuit board and the application-specific integrated circuit. The method enhances the safety of the electronic digital system.
Description
Technical field
The invention belongs to information system security special technology field, a kind of method that realizes electronic digital sealing system particularly is provided.
Background technology
Electronic digital sealing system is to be accompanied by informatization and the new and high technology that occurs.Electronic digital sealing system is mainly used in the problem of signing and sealing that solves e-file, is used for identification e-file signatory's identity, guarantees the integrality of file, guarantees authenticity, reliability and the non repudiation of file.
Electronic digital sealing not merely is the written signed and stamped digital pictureization that generally adopts.In electronic digital sealing system, the integrality of stamped signature, authenticity, reliability and non repudiation bind together with e-file with a kind of form of electronic code.Utilize electronic digital sealing, the addressee can verify sender's the identity and the validity of sender's stamped signature after obtaining file by Network Transmission (perhaps other transmission modes); The addressee can also verify out that source file has no change in transmission course; In addition, by electronic digital sealing, the sender also can't deny oneself this e-file having been implemented the fact of this behavior of stamped signature.Electronic digital sealing system is by cover standardization, a normalized soft or hard coupling system, the user can be finished sign and seal on e-file and verifies.Electronic digital sealing system is seal and the official seal of electronic age.
At present, the pattern that electronic digital sealing adopted mainly comprises three kinds.First kind is intelligent card type.Smart card is that (Integrated Circuit, IC) card has the certain calculation function to a kind of integrated circuit.Deposit a guy's information (seal or signature), certificate information and key information etc. in user's the smart card.Smart card uses PIN, and (Personal IdentificationNumber PIN) protects.The smart card of oneself need be provided during user's stamped signature and oneself PIN code is provided; Second kind is cipher.The user sets a password, is made up of numeral or character, comes the identity of representative of consumer, also can have relevant hardware facility (such as electronic pen) to be used; The third is the biologicall test formula.This pattern is based on user's physical trait, by certain equipment user's fingerprint, face, retina or iris etc. carried out digit recognition, thereby determines whether object is identical with former user.
Electronic digital sealing system of the present invention adopts the pattern of first kind of smart card to realize that the safety technique of use mainly is a digital signature technology.To being described below of digital signature technology.
Digital signature technology is a part indispensable in the information security.Information security is a systems engineering with multiple functional requirement.Infosystem should ensure the functional characteristics such as confidentiality, integrality, non repudiation, availability and controllability of information.Digital signature technology can guarantee information integrality and non repudiation.
Typical digital signature technology uses asymmetric cryptosystem.Asymmetric cryptosystem is different from DSE arithmetic.The key that the encryption and decryption process of DSE arithmetic is used is identical, and its process is shown in Fig. 2-1.
Different keys is used in the encryption and decryption of asymmetric cryptosystem.Each user has pair of secret keys, i.e. PKI and private key.Wherein, private key must secretly be preserved, and can not leak; And PKI can openly be issued.(Certificate Authority just includes public key information in the digital certificate information of CA) issuing by certificate AUC.The ciphering process of asymmetric cryptosystem as shown in Figure 2.
Though use the confidentiality that DSE arithmetic can guarantee information, can not guarantee that institute's information transmitted is not distorted, promptly can not guarantee the integrality of raw information.In public-key cryptosystem, digital signature technology can be used for guaranteeing the authenticity of raw information, and can guarantee the integrality of raw information.The process of digital signature is the inverse process of ciphering process.The digital signature procedure of utilizing asymmetric cryptosystem as shown in Figure 3.
Before sending a document, the person of signing and issuing of document need produce unique " finger mark " of original document.This " finger mark " can produce by the hash computing to document.The hash mathematical algorithm uses unidirectional Hash function usually.The Hash function is the special function of a class, and it can handle the data of random length, generates the serial data of unique regular length.This serial data is called as the message or the summary of document.Any point of original document revised all will cause producing different document message, and to find two different documents to make them generate identical message be unusual difficulty.When authentication receives the document that comprises digital signature, just can use identical Hash function (the Hash function identical) to carry out computing to document information with the person of signing and issuing of file.Only can produce identical information without the document of changing, thus authenticity and integrity that can identifying file.
By digital signature technology, strong proof can be provided for the authenticity and integrity of raw information, digital signature technology has played crucial effects in the service that non repudiation is provided simultaneously.By digital signature technology, can solve and deny, forge, distort and identity such as pretends to be at problem, promptly can reach following requirement:
● information transmitter is the signature that signer can not be denied the information that sent afterwards;
● the recipient can verify the authenticity of the signature of information that the sender sends;
● because the security of asymmetric cryptosystem is based on key.Therefore, as long as guarantee the secret of signer private key information, just can guarantee that any other people can't forge signature;
● anyone can not carry out any distorting to sender's raw information, because anyly distort can cause signing invalid.
Asymmetric cryptosystem relates to pair of secret keys---PKI and private key.Because everyone PKI is disclosed, therefore need be to everyone PKI and identity assurance that an authority is provided thereof, this has just introduced the mechanism of digital certificate.Digital certificate is a kind of key management media of RSA arithmetic, is a kind of authoritative electronic document, the identity that is used to prove a certain main body with and the legitimacy of public-key cryptography.In the environment of any use asymmetric cryptosystem, must there be a believable mechanism to come the PKI of any one main body is notarized, prove the matching relationship of the identity of main body and he and PKI.This believable mechanism is certificate AUC normally, promptly usually said CA.The main contents that comprise in the digital certificate have: certificate owner's personal information, certificate owner's PKI, the term of validity of PKI, issue the CA information of digital certificate etc.Digital certificate binds together the identity and the public key information thereof of main body, thereby an authority's assurance is provided for the identity of main body.
Realize the classic method and the shortcoming thereof of electronic digital sealing system
The enciphering and deciphering algorithm of realizing the electronic digit signature has a lot, for example RSA (Ron.Rivest, Adi Shamirh andLenAdleman, RSA) public key algorithm, ECC (Elliptic Curve Cryptography, ECC) elliptic curve public key cryptographic algorithm etc.Realize that with traditional employing ECC elliptic curve public key cryptographic algorithm the method for electronic digit signature system is an example below, the shortcoming of traditional method of software and hardware is described based on smart card.
The method of software and hardware of traditional realization ECC digital signature
The software and hardware method of traditional realization ECC digital signature as shown in Figure 4.In Fig. 4, traditional digital signature method is divided into following 4 steps:
1, in software systems, obtains source file binary bit stream S.Among Fig. 4, source file binary bit stream F is the source file of representing with binary mode, file (suffix is * .doc) as MS Word version, the file of MS Excel version (suffix is * .xls), the file of MS powerpoint version (suffix is * .ppt), the file of MS Outlook version (suffix is * .eml), the file of Adobe Acrobat version (suffix is * .pdf), or the file of webpage format (suffix is * .htm or * .xml) etc.Simpler, so long as a binary bit stream (no matter what form it is) just can be used as source file S;
2, in software systems, S obtains m, and it is passed to hardware through after the computing of function F.In software (as software environments such as computer operating systems), after the computing of source file binary bit stream S through the Hash function F, be converted into bit length and be 232 message m.(note: some article also is called summary to message m);
3, in hardware system (as hardware environment such as printed circuit board, special ICs), m and k
AThrough obtaining signature value r and s after the ECC digital signature.M is 233 the message that second step obtained, k
ABe 232 private key, be stored in the storer of hardware that r and s are respectively 232 signature value;
4, hardware is passed r and s back software respectively, and in the middle of software, r and s is inserted among the source file S, obtain S ' (S '=S+r+s).S ' is S and has passed through the file after the digital signature.
As can be seen from Figure 4, in traditional implementation method, in software, obtain message m, and pass to the hardware computing of signing.Then, after the hardware signature computing is finished, signature value r and s can be returned to software, and in the middle of the software signature value r and s being inserted in the middle of the source file S, to obtain digital signature file S '.
Under this implementation,, very easily distorted by the attacker in the software (as Hacker Program) because message m produces in software.Equally, signature value r and s are delivered to after the software through hardware, are also very easily distorted by the attacker in the software.Therefore, message that obtains under this structure and signature value can't guarantee it is correct, thereby greatly reduce the security based on the digital signature system of this software and hardware structure.
The method of software and hardware of traditional realization ECC signature verification
The software and hardware method of traditional realization ECC signature verification as shown in Figure 5.In Fig. 5, traditional signature verification method is divided into following 4 steps:
1, in software systems, r and the s that has embedded among the binary code stream S ' of signing messages of 232 r and 232 s taken out separately;
2, in software systems,, obtain 232 message m with having removed the computing of the code stream S (S=S '-(r+s)) of r and s by the Hash function F;
3, in hardware, with 233 PKI P
AX, P
AY, 232 message m and 232 s' r and s deliver to ECC signature verification module and carry out signature verification, and the result that will verify (for example, represent with a bit correct or wrong) passes software section back;
4, in software, judge the result of checking.
The problem that exists during with signature is the same, and under this implementation, because a large amount of operating in the software finished, this just greatly reduces the security of signature verification system.For example, the malicious attack program can be intercepted and captured the checking result of hardware at the interface between software and hardware place, and it is distorted, thereby allows software can't obtain correct checking result.
In sum, the certain security breaches of existence of the software and hardware method of traditional realization electronic digital sealing system.The present invention proposes at this security breaches just.
Summary of the invention
The object of the present invention is to provide a kind of method that realizes electronic digital sealing system, solved the security breaches problem in traditional realization electronic digital sealing system method.
The present invention adopts a kind of method of software and hardware combining to realize electronic digital sealing system, carries out in the middle of when realizing electronic digital sealing system the computing of all digital signature and signature verification all being placed on hardware (as printed circuit board (PCB) and special IC etc.).This has just solved in traditional implementation method, and a part of key operation is placed in the software, carries out in the middle of another part key operation is placed on hardware, thereby causes sealing system to suffer the potential safety hazard that malicious software code is attacked easily.Software is realized relatively, and hard-wired arithmetic logic can not suffer the attack of any malicious code.Therefore, the method that the present invention proposes can strengthen the security of electronic digital sealing system greatly.
The software and hardware method of the realization electronic digit signature that the present invention proposes as shown in Figure 6, this method is divided into following 4 steps (being example with the signature system based on the ECC elliptic curve still):
1, in software systems, obtains source file bit stream S and source file bit stream S is passed to hardware.Equally, source file binary bit stream F is the source file of representing with binary mode, file (suffix is * .doc) as MS Word version, the file of MSExcel version (suffix is * .xls), the file of MS powerpoint version (suffix is * .ppt), the file of MS Outlook version (suffix is * .eml), the file of Adobe Acrobat version (suffix is * .pdf), perhaps file of webpage format (suffix is * .htm or * .xml) or the like;
2, in hardware system, binary bit stream S obtains message m through after the computing of function F.In hardware, after the computing of source file binary bit stream S through the Hash function F, be converted into bit length and be 232 message m;
3, in hardware system (as hardware environment such as printed circuit board, special ICs), m and k
AThrough obtaining signature value r and s after the ECC digital signature.M is 233 the message that obtained in second step, k
AIt is 232 private key.R and s are respectively 232 signature value;
4, in hardware system, r and s are inserted in the middle of the source file binary bit stream S, obtain S ' (S '=S+r+s).S ' is binary bit stream S and has passed through the file after the digital signature.After this, hardware system transmits the part that eases back to S '.So far finished digital signature to source file bit stream S.
The software and hardware method of the realization electronic digit signature verification that the present invention proposes as shown in Figure 7, this method is divided into following 4 steps (being example with the signature system based on the ECC elliptic curve still):
1, in software systems, obtains to sign the binary bit stream S ' of name and 233 PKI P
AX, P
AY, and they pass to hardware;
2, in hardware system, the r and the s that have embedded among the binary bit stream S ' of 232 r and s signing messages are taken out separately, then the binary bit stream S that removed r and s (S=S '-(r+s)) is carried out the computing of Hash function F, obtain 232 message m;
3, in hardware system, with 233 PKI P
AX, P
AY, 232 message m and 232 s' r and s deliver to the signature verification module and carry out signature verification;
4, in hardware system, show the checking result with display screen or pilot lamp.
The advantage of the relative classic method of the present invention is:
1, the present invention is all its main operationals of using in the electronic digital sealing process, and all be put into as signature computing, checking computing, hash function computing etc. and carry out in the hardware system, thus the attack of having stopped malicious software code.And traditional realize the part its main operational with software, realize the method for other a part of its main operational with hardware, than the attack that is easier to suffer malicious software code;
2, the speed of the signature verification of the electronic digital sealing system of realizing with method of the present invention, and cost is all with suitable with traditional method.
3, the present invention can be with most main flow software for editing, as MS Word, and MS Excel, MS Powerpoint, AdobeAcrobat, connections such as Internet Explorer, realize digital signature and signature verification, and reduce the possibility that this type systematic suffers software attacks greatly.
Description of drawings
Fig. 1 is a DSE arithmetic synoptic diagram of the present invention.
Fig. 2 is the ciphering process synoptic diagram of asymmetric cryptosystem of the present invention.
Fig. 3 is the digital signature procedure synoptic diagram of asymmetric cryptosystem of the present invention.
The software and hardware method synoptic diagram of the realization ECC digital signature that Fig. 4 is traditional.
The software and hardware method synoptic diagram of the realization ECC signature verification that Fig. 5 is traditional.
Fig. 6 realizes the software and hardware method synoptic diagram of digital signature for the present invention.
Fig. 7 realizes the software and hardware method synoptic diagram of signature verification for the present invention.
Fig. 8 is the hardware configuration synoptic diagram based on digital signature/verification system of ECC.
Fig. 9 is the software configuration synoptic diagram based on digital signature/verification system of ECC.
Embodiment
Implement of hardware system mode in the Electronic Seal System of the present invention
Based on the signature system of ECC elliptic curve be example the hardware system scheme as shown in Figure 8, it comprises the functional module of following several cores:
1, FPGA module: mainly finish digital signature, signature verification, many point doublings and key to generating this 4 main computings based on ECC;
2, PROM module: mainly after powering up, the FPGA module is configured;
3, FLASH module: be mainly used in the certificate issued in storage private key data, seal data (as the image of GIF form) and CA center etc.;
4, USB2.0 module (embedded 8051 nuclears): why having selected to embed the USB2.0 chip of 8051 nuclears, is in order to realize the control of USB2.0 easily.This module is mainly used in Data transmission between the software of FPGA module and PC.
5, power conversion chip group: the voltage of using in the hardware system is carried out steady pressure, boost or step-down.This module may be used in conjunction with battery;
6, crystal oscillator: for the place that needs clock in the hardware system provides clock;
7, USB slot: connect USB2.0 chip and USB transmission line;
8, display screen and pilot lamp.
Software realization of system mode in the Electronic Seal System of the present invention
Based on the signature system of ECC elliptic curve be example software spare system schema as shown in Figure 9, it comprises the functional module of following several cores:
1, the interface program of application program;
2, application program with the interface function API of driver (Application Programming Interface, API);
3, software systems are with the interface routine of hardware system---driver.
The course of work of Electronic Seal System software and hardware system of the present invention
The process of digital signature is as follows:
1, the application call api function of software section, and source file bit stream S is passed to the USB2.0 chip of hardware by driver;
2, the USB2.0 chip of hardware comes source file S and command word (as 00, promptly notifying FPGA need carry out digital signature) to pass to FPGA the software transmission;
3, the FPGA of hardware reads seal data and private key k according to command word from FLASH
A, and to S carry out hash computing (Hash) and the signature computing, produce signature value r and s then; In the hardware, FPGA is inserted into r and the s that obtains among the source file S, obtains S ', and passes S ' back software by USB2.0.
The process of signature verification is as follows:
1, the application call api function of software section will be signed the source file bit stream S ' and the PKI P of name
A.x and P
A.y pass to the USB2.0 chip of hardware by driver;
2, the USB2.0 chip of the hardware source file S ' that the software transmission is next, PKI P
A.x, P
A.y and command word (, promptly notifying FPGA need carry out signature verification) as 01 pass to FPGA.
3, the FPGA of hardware carries out computing to these data, and produces the result of 0 (checking is passed through) or 1 (checking is passed through);
4, hardware display screen or indication etc. demonstrate the checking result.
Claims (1)
1, a kind of method that realizes electronic digital sealing system, it is characterized in that: adopt a kind of method of software and hardware combining to realize electronic digital sealing system, when realizing electronic digital sealing system, the computing of all digital signature and signature verification all is placed in hardware printed circuit board (PCB) and the special IC and carries out, realize that the software and hardware method of electronic digit signature is divided into:
Step 1, in software systems, obtain source file bit stream S and pass to hardware, the source file of source file binary bit stream S for representing with binary mode, comprise: the file of MS Word version, its suffix is * .doc, the file of MS Excel version, its suffix is * .xls, and the file of MS powerpoint version, its suffix are * .ppt, the file of MS Outlook version, its suffix is * .eml, and the file of Adobe Acrobat version, its suffix are * .pdf, the perhaps file of webpage format, its suffix is * .htm or * .xml;
Step 2, in hardware system, binary bit stream S is through obtaining message m after the computing of function F; In hardware, after the computing of source file binary bit stream S through the Hash function F, be converted into bit length and be 232 message m;
Step 3, in hardware system, printed circuit board, special IC hardware environment, m and k
AThrough obtaining signature value r and s after the ECC digital signature, m is 233 the message that obtained in second step, k
ABe 232 private key, r and s are respectively
Step 4, in hardware system, r and s are inserted in the middle of the source file binary bit stream S, obtain S ' (S '=S+r+s), S ' has passed through the file after the digital signature for binary bit stream S, after this, hardware system transmits the part that eases back to S ', has so far finished the digital signature to source file binary bit stream S;
The software and hardware method that realizes the electronic digit signature verification is:
Step 1, the binary bit stream S ' that in software systems, obtains to sign and 233 PKI P
AX, P
AY, and they pass to hardware;
Step 2, in hardware system, the r and the s that have embedded among the binary bit stream S ' of 232 r and s signing messages are taken out separately, then the binary bit stream S that removed r and s (S=S '-(r+s)) is carried out the computing of Hash function F, obtain 232 message m;
Step 3, in hardware system, with 233 PKI P
AX, P
AY, 232 message m and 232 s' r and s deliver to the signature verification module and carry out signature verification;
Step 4, in hardware system, show the checking result with display screen or pilot lamp.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2006100467368A CN101079086A (en) | 2006-05-26 | 2006-05-26 | Method for implementing electronic digital sealing system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2006100467368A CN101079086A (en) | 2006-05-26 | 2006-05-26 | Method for implementing electronic digital sealing system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101079086A true CN101079086A (en) | 2007-11-28 |
Family
ID=38906559
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2006100467368A Pending CN101079086A (en) | 2006-05-26 | 2006-05-26 | Method for implementing electronic digital sealing system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101079086A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101819519B (en) * | 2009-02-26 | 2014-04-02 | 航天信息股份有限公司 | Multifunctional digital signing circuit |
| CN105933124A (en) * | 2016-06-30 | 2016-09-07 | 武汉理工大学 | Digital signature and message hash value recovery method |
| CN112364385A (en) * | 2020-10-19 | 2021-02-12 | 山东省国土空间数据和遥感技术中心 | OFD format real estate electronic certificate file signature method and system |
| CN116938604A (en) * | 2023-09-18 | 2023-10-24 | 深圳市上融科技有限公司 | Multi-party-based electronic signature system, method and process |
-
2006
- 2006-05-26 CN CNA2006100467368A patent/CN101079086A/en active Pending
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101819519B (en) * | 2009-02-26 | 2014-04-02 | 航天信息股份有限公司 | Multifunctional digital signing circuit |
| CN105933124A (en) * | 2016-06-30 | 2016-09-07 | 武汉理工大学 | Digital signature and message hash value recovery method |
| CN112364385A (en) * | 2020-10-19 | 2021-02-12 | 山东省国土空间数据和遥感技术中心 | OFD format real estate electronic certificate file signature method and system |
| CN116938604A (en) * | 2023-09-18 | 2023-10-24 | 深圳市上融科技有限公司 | Multi-party-based electronic signature system, method and process |
| CN116938604B (en) * | 2023-09-18 | 2023-11-28 | 深圳市上融科技有限公司 | Multi-party-based electronic signature system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10944575B2 (en) | Implicitly certified digital signatures | |
| EP2533457B1 (en) | Secure implicit certificate chaining | |
| CN1219260C (en) | Method for controlling storage and access of security file system | |
| Alotaibi et al. | Secure mobile computing authentication utilizing hash, cryptography and steganography combination | |
| US20140372765A1 (en) | Hashing Prefix-Free Values in a Signature Scheme | |
| CN104052606B (en) | Digital signature, signature authentication device and digital signature method | |
| CN108650097B (en) | Efficient digital signature aggregation method | |
| CN108667623A (en) | A kind of SM2 ellipse curve signatures verification algorithm | |
| CN1453718A (en) | Method for discriminating invited latent member to take part in group | |
| US20130290713A1 (en) | Hashing prefix-free values in a certificate scheme | |
| CN101051902A (en) | Agent signcryption method and system | |
| CN1719765A (en) | Safety reliable controllable authorization electronic autographing method | |
| CN101079086A (en) | Method for implementing electronic digital sealing system | |
| CN114302367A (en) | Certificate application method and device, electronic equipment and storage medium | |
| CN1885769B (en) | Digital abstract forming device and method, and CA signing system and method | |
| CN101635627A (en) | Digital signature scheme based on discrete logarithm problem | |
| CN1226691C (en) | Method for multiple encryption of file and simultaneous sealing/unsealing | |
| CN111680332A (en) | Digital signature method based on elliptic curve | |
| CN1976280A (en) | Symmetric key transmission protecting method based on multi-stage key management system | |
| CN105515775B (en) | Efficient privacy protection signcryption method | |
| CN1722656A (en) | A digital signature method and digital signature tool | |
| Adeniyi et al. | Secure Sensitive Data Sharing Using RSA and ElGamal Cryptographic Algorithms with Hash Functions. Information 2022, 13, 442 | |
| CN1481108A (en) | Method related to obtainning asymmetry type cipher key from network system | |
| Kornaga et al. | Protection of an electronic document using a consolidated approach to the application of electronic digital signature | |
| CN1832402A (en) | Numberical signature method based on lever function and super-increment sequence |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C57 | Notification of unclear or unknown address | ||
| DD01 | Delivery of document by public notice |
Addressee: Li Kuigang Document name: Notification of Publication of the Application for Invention |
|
| C57 | Notification of unclear or unknown address | ||
| DD01 | Delivery of document by public notice |
Addressee: Li Kuigang Document name: Notification before expiration of term |
|
| C57 | Notification of unclear or unknown address | ||
| DD01 | Delivery of document by public notice |
Addressee: Li Kuigang Document name: Notification that Application Deemed to be Withdrawn |
|
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20071128 |