Test Module10.7. Electronic Signatures Test Cases



Similar documents
Test Module4. Controls and Security Test Cases

Test Framework Introduction & Overview of the Test Framework

VERIFICATION REPORT. MoReq2 Certification for Electronic Records Management Systems (ERMS) according to MoReq2 Specification (Version 1.

Ticket Center Quick Start

ADFS Integration Guidelines

CS 356 Lecture 28 Internet Authentication. Spring 2013

Digital Signatures with AutoCAD and CoSign

SAP CRM 7.0 E2C Setup: CRM via Toolset

Manual. Ticket Center Manual. Ticket Center 2: May 17, AdNovum Informatik AG. Released. AdNovum Informatik AG. All rights reserved.

GlobalSign Solutions. Using a GlobalSign PersonalSign Certificate to Apply Digital Signatures in Microsoft Office Documents

Module 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration

CyberSource and NetSuite Getting Started Guide

REGULATIONS COMPLIANCE ASSESSMENT

Server based signature service. Overview

Call Center and Clearing System. ID Technologies Inc

Primary User (PU) * Delegated User (DU) *

ELECTRONIC RECORDS MANAGEMENT SYSTEM COMPLIANCE TEST AND EVALUATION PROCESS AND PROCEDURES

Stripe Payment Module Magento 2 USER MANUAL MAGEDELIGHT.COM SUPPORT E: SUPPORT@MAGEDELIGHT.COM P: +1-(248)

Procedure for How to Enroll for Digital Signature

General Platform Criterion Assessment Question

Document Management Getting Started Guide

SAFE Digital Signatures in PDF

D . A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information:

How To Electronically Sign A Document On Docusign.Com

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

TIB 2.0 Administration Functions Overview

Sage 100 ERP (MAS90 / MAS200) How to Set up Security in Sage 100 ERP

6. Is it mandatory to have the digital certificate issued from NICCA? Is it mandatory for the sender and receiver to have a NIC id?...

WHMCS LUXCLOUD MODULE

OpenAM. 1 open source 1 community experience distilled. Single Sign-On (SSO) tool for securing your web. applications in a fast and easy way

Administering a Microsoft SQL Server 2000 Database

Authorize.net modules for oscommerce Online Merchant.

Document Digital Signature

Entrust Managed Services PKI

SAML Single-Sign-On (SSO)

Business Mobile App User Guide

CCH esign. Quick Start Guide

Instructor Getting Started Guide for Desire2Learn

Intland s Medical Template

User Guide of edox Archiver, the Electronic Document Handling Gateway of

Adobe 8 SAFE Signatures Configuration Procedure Draft

Using etoken for Securing s Using Outlook and Outlook Express

You can submit your Lead Training Provider Application by following these steps: 1. Navigate to the CDX Website at:

SAP SuccessFactors Onboarding Technical and Functional Specifications

U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Records Management

Managing Recurring Transactions Merchant Best Practice Guide

Digital Signatures. Digital Signatures - How to enable validation of Siemens PKI signatures in Adobe Reader? Issued by: Date 01/2016

Implementing and Maintaining Microsoft SQL Server 2008 Integration Services

Managed Services PKI 60-day Trial Quick Start Guide

Digital Signature Certificate Online Enrollment Guide using etoken

Enabling SSL and Client Certificates on the SAP J2EE Engine

CMPRO Change Notice New Software License Tracking Screens

Instructor Getting Started Guide for Desire2Learn

Ciphire Mail. Abstract

21 CFR Part 11 Compliance Using STATISTICA

Revu validates and signs documents based on the Windows Certificate Store and the PKCS #12 standards. Revu also supports Adobe CDS signatures.

Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed)

Novel Unique Technique for Generating Ticket Identifier Using Image Texture Patterns

YOUR UBANK USAVER SMSF.

System Area Management Software Tool Tip: Integrating into NetIQ AppManager

App Distribution Guide

Digital Certificate for Corporate Internet Banking - User Guide

Introduction. Editions

Using CertAgent to Obtain Domain Controller and Smart Card Logon Certificates for Active Directory Authentication

Simple Guide to Digital Signatures

Trademark Clearinghouse. Manual. How to manage My Account

Office Standardization. Encryption Gateway. A Brief Guide for External Communication Partners.

ASA 8.x: Renew and Install the SSL Certificate with ASDM

LiteCommerce Authorize.Net Module. Version 2.4

Configuring Single Sign-on from the VMware Identity Manager Service to WebEx

BidCentral Online Bidding for Subcontractors (BOBS) Trade Contractor User Guide

Software Quick Setup

System Administrator Training Guide. Reliance Communications, Inc. 603 Mission Street Santa Cruz, CA

L A W ON ELECTRONIC DOCUMENT I. GENERAL PROVISIONS. Scope of the Law

Agilent MicroLab Software with Spectroscopy Configuration Manager and Spectroscopy Database Administrator (SCM/SDA)

Quick Note 051. Common Passwords/ID errors in IPsec VPN negotiation for TransPort routers. DRAFT July 2015

10/6/2015 PKI. What Is PKI. Certificates. Certification Authorities (CA) PKI Models. Certificates

Address Verification System (AVS) Checking

This release bulletin relates to Version build 2701 of the Swivel Authentication Platform and other new capabilities.

Guidelines for filling up Online Application Form for Internship

Administering a SQL Database Infrastructure

Administering a SQL Database Infrastructure 20764; 5 Days; Instructor-led

GENERAL PLATFORM CRITERIA. General Platform Criterion Assessment Question

PDS (The Planetary Data System) Information Technology Security Plan for The Planetary Data System: [Node Name]

How To Control Vcloud Air From A Microsoft Vcloud (Vcloud)

The Electronic Stamp Mail Server and Client Project Part 3: Software Design Specifications. SDS Final November 3, 2003

Creating a New Alarm.com Account

SSO Plugin. Case study: Integrating with Ping Federate. J System Solutions. Version 4.0

[SMO-SFO-ICO-PE-046-GU-

SAM Context-Based Authentication Using Juniper SA Integration Guide

Transcription:

Test Module10.7 Electronic Signatures Test Cases Author(s): imbus AG MoReq2 test development team Date: 15/04/2008 Version: 1.0 Status: Approved Customer: Serco Consulting imbus AG v1.0 April 2008 Page 1 of 17

Contents Document History... 3 T10.7 Electronic Signatures... 4 T10.7.1 Configuration... 5 T10.7.1.1 Configuration of Storage of Authentication Metadata... 5 T10.7.2 Declaration of Authentication Metadata... 6 T10.7.2.1 Storage of Authentication Metadata During the Capture of a Record (I)... 6 T10.7.2.2 Storage of Authentication Metadata During the Capture of a Record (II)... 7 T10.7.2.3 Storage of Authentication Metadata During the Capture of a Record (III)... 8 T10.7.3 Declaration of Records/emails... 9 T10.7.3.1 Capture and Storage of Electronic Certificates when Capturing a Record... 9 T10.7.3.2 Validation of Electronic Signatures... 10 T10.7.3.3 Verification Process for Capturing Emails... 11 T10.7.3.4 Storage of Information with an Electronic Record... 12 T10.7.4 Application of an Electronic Signature... 13 T10.7.4.1 Export Process... 13 T10.7.4.2 Capability of External Validation... 14 T10.7.5 Others... 15 T10.7.5.1 Introduction of New Electronic Signature Technologies... 15 T10.7.5.2 Demonstration of Integrity... 16 T10.7.5.3 Configuration of Storage of a Validation Ticket... 17 imbus AG v1.0 April 2008 Page 2 of 17

Document History Version Date of Issue Author Comment 0.1 20/07/2008 Michael Sill Initial Draft 0.2 25/01/2008 Claudia Schieber Revision after internal Review 0.3 04/02/2008 Claudia Schieber Revision after Final Draft 0.4 29/02/2008 Claudia Schieber Revised after publishing of the final draft of the MoReq2 specification 1.0 02/04/2008 MoReq2 test development team Finalising after approval of the test framework imbus AG v1.0 April 2008 Page 3 of 17

T10.7 Electronic Signatures TEST DATA: The test data for the following tests (test module 10, chapter T10.7) can be found in the corresponding test data repository. The reference chapter is called on chapter T10.7 Electronic Signatures. TEST EXECUTION: step (1) Please read the chapter Testframework Introduction/Chapter 2 before starting the test execution. REMARKS step (2) The s are designed in a way that enables you to skip certain s when required. However, the outcome of some s might be a precondition of subsequent tests. Where there are dependencies we have inserted test references into the precondition section of the. Careful attention should be given to the preconditions of the s. imbus AG v1.0 April 2008 Page 4 of 17

T10.7.1 Configuration Abstract: This chapter focuses on testing the configuration options for ERMS supporting electronic signatures. T10.7.1.1 Configuration of Storage of Authentication Metadata id: T10.7.1.1 An administrative role configures the ERMS for the storage of verification metadata for electronically signed records. Ensure that the administrative role has the following configuration options for the storage of the metadata: the fact of successful verification; specified information regarding the verification process; all verification data. Req.-ID: 10.7.2 Logged in as CentralAdministrator 1. Configure the storage of metadata for electronically signed records. The following configuration options are possible for the storage of metadata for electronically signed records: the fact of successful verification specified information regarding the verification process all verification data The ERMS enables an administrative roles to configure the system to store verification metadata for electronically signed records with the record at time of capture in one of the following ways: the fact of successful verification specified information regarding the verification process all verification data imbus AG v1.0 April 2008 Page 5 of 17

T10.7.2 Declaration of Authentication Metadata Abstract: This chapter focuses on testing the declaration and storage of authentication metadata. T10.7.2.1 Storage of Authentication Metadata During the Capture of a Record (I) id: T10.7.2.1 The ERMS is configured in the following way: during the capture process the fact of successful verification of electronically signed records will be stored after a successful authentication. A user role captures a valid electronically signed record. Ensure that the information that the electronic signature was verified successfully is stored as metadata. Req.-ID: 10.7.2 The ERMS is configured to store the fact of a successful authentication of an electronically signed record when a record is captured Logged in as Reviewer 1. Capture the electronically signed document Document5 (D05). The electronically signed document Document5 (D05) is captured as record. The fact of a successful authentication is stored as authentication metadata. When the ERMS is configured to store the fact of successful authentication of an electronically signed document, the ERMS stores the fact of a successful authentication of the signature as authentication metadata of an electronically signed document. imbus AG v1.0 April 2008 Page 6 of 17

T10.7.2.2 Storage of Authentication Metadata During the Capture of a Record (II) id: T10.7.2.2 The ERMS is configured in the following way: During capture all specified information regarding the verification process will be stored after a successful authentication. A user role captures a valid electronically signed record. Ensure that specified information regarding the verification process is stored as metadata. Req.-ID: 10.7.2 The ERMS is configured to store specified information regarding the verification process when a record is captured Logged in as Reviewer 1. Capture the electronically signed document Document6 (D06). The electronically signed document Document6 (D06) is captured as record. Specified information regarding the verification process is stored as authentication metadata. When the ERMS is configured to store specified information regarding the verification process, the ERMS stores specified information regarding the verification process when capturing electronically signed document. imbus AG v1.0 April 2008 Page 7 of 17

T10.7.2.3 Storage of Authentication Metadata During the Capture of a Record (III) id: T10.7.2.3 The ERMS is configured in the following way: when an electronically signed document is captured all verification data will be stored. A user role captures a valid electronically signed record. Ensure that all verification data is stored as metadata. Req.-ID: 10.7.2 The ERMS is configured to store all verification data when an electronically signed record is captured Logged in as Reviewer 1. Capture the electronically signed document Document7 (D07). The electronically signed document Document7 (D07) is captured as record. All verification data is stored as authentication metadata. When the ERMS is configured to store all verification data, the ERMS stores all verification data when an electronically signed document is captured. imbus AG v1.0 April 2008 Page 8 of 17

T10.7.3 Declaration of Records/emails Abstract: This chapter focuses on testing the declaration of records or emails. T10.7.3.1 Capture and Storage of Electronic Certificates when Capturing a Record id: T10.7.3.1 A user role captures a document with an electronic signature. Ensure that the electronic signature, associated electronic certificates and details of the related certification service providers are captured, verified if required and stored. Req.-ID: 10.7.1 Metadata elements for electronically signed signatures are defined Logged in as role Reviewer TestClassificationScheme1 is created 1. Capture the electronically signed document Document1 (D01). The document is captured as Record1 (CS01/001/001/001) into the file Strategy (CS01/001/001). At least the following information are stored: electronic signature associated electronic certificates details of related certification service providers The ERMS is able to capture, verify if required and store electronic signatures, associated electronic certificates and details of related certification service providers. imbus AG v1.0 April 2008 Page 9 of 17

T10.7.3.2 Validation of Electronic Signatures id: T10.7.3.2 An user role captures two documents: one with a valid and one with an invalid electronic signature. Ensure that the ERMS validates the electronic signature and reports an invalid electronic signature to an administrative role. Req.-ID: 10.7.4 Metadata elements for electronically signed signatures are defined Logged in as role Reviewer The ERMS is configured in a way that it reports invalid check results of an electronic signature to an administrative role. TestClassificationScheme1 is created 1. Capture the document Document2 (D02). The document Document2 (D02) is captured as record Record2 (CS01/001/001/002) into the file Strategy (CS01/001/001). The electronic signature check result says that the signature is valid. 2. Check the metadata of Record2 (CS01/001/001/002). The metadata of Record2 (CS01/001/001/002) contain the result of the validation of the electronic signature. 3. Capture the document Document3 (D03). The document Document3 (D03) is captured as record Record3 (CS01/001/001/003) into the file Strategy (CS01/001/001). The electronic signature check result says that the signature is invalid. 4. Check the metadata of Record3 (CS01/001/001/003). The metadata of Record3 (CS01/001/001/003) contain the result of the validation of the electronic signature. 5. Log off user role Reviewer. User in role Reviewer is logged off. 6. Log in as user role CentralAdministrator. User in role CentralAdministrator is logged in. 7. Check if there is a notification about an invalid check result. There is a notification about the invalid check result of the electronic signature of Record3 (CS01/001/001/003). The ERMS is capable of checking the validity of an electronic signature at the time of capture and stores this information in the metadata of the captured record. The ERMS reports an invalid check result to a specified user or administrative role. imbus AG v1.0 April 2008 Page 10 of 17

T10.7.3.3 Verification Process for Capturing Emails id: T10.7.3.3 A user role captures an email with an electronic signature. Ensure that the ERMS captures and stores at least the following information about the verification process: the fact that the validity of the signature was checked the identity of individual initiating the check the certificate issuer the serial number of the electronic certificate, verifying the signature the certification service provider with which the signature has been validated the date and time that the checking occurred Req.-ID: 10.7.5 Logged in as Reviewer TestClassificationScheme1 is created 1. Capture the electronically signed email Email1 (E01) as Record4 into the file Strategy (CS01/001/001). The email Email1 (E01) is captured as Record4 (CS01/001/001/004) into the file Strategy (CS01/001/001). Information to the following metadata are declared: the fact that the validity of the signature was checked the identity of individual initiating the check the certificate issuer the serial number of the electronic certificate, verifying the signature the certification service provider with which the signature has been validated the date and time that the checking occurred The ERMS is able to capture and store automatically details about the process of verification for an electronic signature, including: the fact that the validity of the signature was checked the identity of individual initiating the check the certificate issuer the serial number of the electronic certificate, verifying the signature the certification service provider with which the signature has been validated the date and time that the checking occurred imbus AG v1.0 April 2008 Page 11 of 17

T10.7.3.4 Storage of Information with an Electronic Record id: T10.7.3.4 A record with electronic signature is captured into the ERMS. Ensure that the ERMS stores with the electronic record the following information: the electronic signature(s) associated with that record the electronic certificate(s) verifying the signature Req.-ID: 10.7.7 Logged in as role Reviewer TestClassificationScheme1 is created 1. Capture the document Document4 (D04) as Record5 (CS01/001/001/005). The document Document4 (D04) is captured as Record5 (CS01/001/001/005). The following information is stored with the record: the electronic signature(s) associated with that record the electronic certificate(s) verifying the signature The ERMS stores with the electronic record: the electronic signature(s) associated with that record the electronic certificate(s) verifying the signature. imbus AG v1.0 April 2008 Page 12 of 17

T10.7.4 Application of an Electronic Signature Abstract: This chapter focuses on testing the application of electronic signatures. T10.7.4.1 Export Process id: T10.7.4.1 An administrative role exports a file, which includes records. Ensure that the ERMS allows to apply an electronic signature. Req.-ID: 10.7.9 TestClassificationScheme1 is created Logged in as CentralAdministrator 1. Export the file Management (CS01/001/002). An electronic signature can be applied to the file Management (CS01/001/002). The file Management (CS01/001/002) is exported. 2. Export the record Record6 (CS01/001/003/001). An electronic signature can be applied to the record Record6 (CS01/001/003/001). The record Record6 (CS01/001/003/001) is exported. 3. Export the record Record7 (CS01/001/003/002). An electronic signature can be applied to the transfer message of the record Record7 (CS01/001/003/001). The record Record7 (CS01/001/003/002) is exported. The ERMS enables an administrative role to apply an electronic signature to the file or record or transfer message during an export process. imbus AG v1.0 April 2008 Page 13 of 17

T10.7.4.2 Capability of External Validation id: T10.7.4.2 Test whether an already applied digital signature during the export process is capable of external validation. Req.-ID: 10.7.10 The file Accounting (CS01/001/004) got a digital signature during the export process Logged in as role Reviewer 1. Validate the file Accounting (CS01/001/004) by an external validation. The exported file can be externally validated. The file Accounting (CS01/001/004) is valid. The digital signature which the ERMS applies to a file and records during the export is capable of external validation. imbus AG v1.0 April 2008 Page 14 of 17

T10.7.5 Others Abstract: This chapter focuses on testing various aspects of an ERMS supporting electronic signatures that have not been tested in previous chapters. T10.7.5.1 Introduction of New Electronic Signature Technologies id: T10.7.5.1 The corresponding requirements is not testable. Req.-ID: 10.7.3 1. imbus AG v1.0 April 2008 Page 15 of 17

T10.7.5.2 Demonstration of Integrity id: T10.7.5.2 The corresponding requirements is not testable. Req.-ID: 10.7.6 1. imbus AG v1.0 April 2008 Page 16 of 17

T10.7.5.3 Configuration of Storage of a Validation Ticket id: T10.7.5.3 An administrative role is logged in. Ensure that this administrative role can define whether the ERMS will store the validation ticket returned by the system that checked the electronic signature. Req.-ID: 10.7.8 Logged in as role CentralAdministrator 1. Define that the ERMS will store the validation ticket returned by the system that checked the electronic signature. The ERMS allows to define whether the validation ticket returned by the system that checked the electronic signature will be stored. The ERMS allows an administrator to define whether the ERMS will store the validation ticket returned by the system that checked the electronic signature. imbus AG v1.0 April 2008 Page 17 of 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information