Servicios Personalizados
Revista
Articulo
Indicadores
- Citado por SciELO
- Accesos
Links relacionados
- Similares en SciELO
Compartir
Computación y Sistemas
versión On-line ISSN 2007-9737versión impresa ISSN 1405-5546
Resumen
GONZALEZ GARCIA, Vladimir; RODRIGUEZ HENRIQUEZ, Francisco y CRUZ CORTES, Nareli. On the Security of Mexican Digital Fiscal Documents. Comp. y Sist. [online]. 2008, vol.12, n.1, pp.25-39. ISSN 2007-9737.
In January 2005, the Mexican Tributary Administration System (SAT) introduced an official norm that stipulates how to generate electronic invoices that were termed by SAT, Comprobante Fiscal Digital (CFD). Supporting the CFD service implies the exchange of confidential information over Internet and other communication channels that are intrinsically highly vulnerable. Therefore, it becomes indispensable to incorporate to this service reliable and sound information security mechanisms. In the case of SAT's CFD, its security guarantees depend on customary cryptographic mechanisms such as, digital signatures, hash functions, etc. In this paper we point out several security flaws in the procedure specified by SAT for generating such electronic invoices. Furthermore, we provide recommendations for avoiding the security problems detected, which include the usage of more robust cryptographic mechanisms, alternative authentication protocols, time stamps authorities and a safe storage system.
Palabras llave : Information Security; Digital Certificates; Digital Notary; Mexican Tributary Administration System.