Digital Signatures on iqmis User Access Request Form



Similar documents
Creating Digital Signatures

dobe Acrobat XI Pro Digital Signatures

Creating a New Digital ID or Signature for Adobe Acrobat

Digital Signature User Guide for Acrobat 9.0 and Adobe Reader 9.0

Digital Signatures. To learn more about digital signatures view this White Paper by Adobe.

Entrust Certificate Services for Adobe CDS

Adobe Digital Signatures in Adobe Acrobat X Pro

DIGIPASS CertiID. Getting Started 3.1.0

How To Create A Digital Signature And Sign A Document With Adobe Reader XI

CTE- 26 Technical Manual

GlobalSign PDF Signing Tool

Revu validates and signs documents based on the Windows Certificate Store and the PKCS #12 standards. Revu also supports Adobe CDS signatures.

User Guide. Digital Signature

Legal Notes. Regarding Trademarks. Models supported by the KX printer driver KYOCERA MITA Corporation

Using Entrust certificates with Adobe PDF files and forms

X.509 Certificate Generator User Manual

HP ProtectTools User Guide

IBM Client Security Solutions. Client Security User's Guide

Smart Card Authentication. Administrator's Guide

Document Digital Signature

PROXKey Tool User Manual

USER GUIDE WWPass Security for (Outlook) For WWPass Security Pack 2.4

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

IBM Security Access Manager for Enterprise Single Sign-On Version User Guide IBM SC

TrustKey Tool User Manual

GoldKey Software. User s Manual. Revision WideBand Corporation Copyright WideBand Corporation. All Rights Reserved.

Smart Card Setup Guide

Document Security User Guide for Acrobat 9.0 and Adobe Reader 9.0

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

Adobe Acrobat X Pro Forms

PDF Signer User Manual

Procedure for How to Enroll for Digital Signature

User Guide for CBER s Electronic Signature Process

USER GUIDE WWPass Security for Windows Logon

ZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference. May 2016

Receiving Secure from Citi For External Customers and Business Partners

Policy and Profile Reference Guide

Overview Keys. Overview

SafeNet Authentication Client (Windows)

Protected PDF Common Installation Issues

2. To encrypt the drive for future use, click Yes (Fig 1, 2). This will start the encryption process.

Token User Guide. Version 1.0/ July 2013

Creating a Digital Signature in Adobe Acrobat Created on 1/11/2013 2:48:00 PM

Verification of digitally signed PDFs

Secure Part II Due Date: Sept 27 Points: 25 Points

BitLocker Encryption for non-tpm laptops

HP ProtectTools Embedded Security Guide

RSA Authentication Manager 7.1 Security Best Practices Guide. Version 2

Network FAX Driver. Operation Guide

Adobe PDF for electronic records

Guide Installing Digital Certificates in Outlook 2000

Welcome Guide for MP-1 Token for Microsoft Windows

Secure Data Exchange Solution

SafeNet Authentication Client (Mac)

Encrypting with BitLocker for disk volumes under Windows 7

Entrust Adobe CDS Individual Certificate

Full Disk Encryption Agent Reference

Aloaha Sign! (English Version)

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

Exporting/Importing Certificates with Adobe Acrobat

RSA SecurID Software Token 1.0 for Android Administrator s Guide

Building a Digital Signature to Meet State Statute Requirements Using a Certificate Authority. Adobe Acrobat Pro DC (Released July 2015)

Smart Card Authentication Client. Administrator's Guide

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

Symantec Endpoint Encryption Full Disk

epblue GxP oftware manual Software version

You may have been given a download link on your trial software . Use this link to download the software.

DigiDelivery Client Quick Start

Simple Guide to Digital Signatures

Training Guide for Delaware Practitioners and Pharmacists Delaware Division of Professional Regulation Prescription Monitoring Program

M&T Web InfoPLU$ GETTING STARTED GUIDE

Electronic Filing System Setting Up Your Adobe Acrobat Digital ID November 2012

BitLocker To Go User Guide

Guidelines for Developing Cryptographic Service Providers (CSPs) for Acrobat on Windows

How to Sign & Certify a document using Post.Trust I.D.

Flexible Identity. OTP software tokens guide. Multi-Factor Authentication. version 1.0

VPN Client User s Guide Issue 2

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

TCS-CA. Outlook Express Configuration [VERSION 1.0] U S E R G U I D E

User Guide May Using Certificates in Outlook Express

SEZ SEZ Online Manual Digital Signature Certficate [DSC] V Version 1.2

MCBDirect Corporate Logging on using a Soft Token

General tips for increasing the security of using First Investment Bank's internet banking

User Guide. Please visit the Helpdesk website for more information:

Datacolor TOOLS. Datacolor TOOLS QCX. Datacolor TOOLS WORKSTATION

Software Manual Part IV: FDA 21 CFR part 11. Version 2.20

Contents. Getting Started...1. Managing Your Drives Backing Up & Restoring Folders Synchronizing Folders Managing Security...

Instructions For Opening UHA Encrypted

Table of Contents. TPM Configuration Procedure Configuring the System BIOS... 2

Charismathics Smart Security Interface for Mac OS X Version 5.0. User Manual

NHSmail mobile configuration guide Android mobile devices

SSL Guide. (Secure Socket Layer)

GPG installation and configuration

Ciphermail Gateway PDF Encryption Setup Guide

Transcription:

Digital Signatures on iqmis User Access Request Form When a user clicks in the User Signature block on the iqmis Access Form, the following window appears: Click Save a Copy and rename it with your name, such as iqmis_jjones or iqmis_kchapman. This is a copy of the completed form, but it is not signed yet. Open this copy and click in the User s Signature Block. Information will display regarding your Digital ID. Then the following window appears: You must save a second copy of the form in order to sign it and save it as a signed document. Create a new name, such as Signed_iQMIS_JJones or Signed_iQMIS_KChapman, and click Save. If you use your Smart Card the HPSD 12 Federal ID Card it will ask for your ID card s PIN. This is not the password for your Digital ID. You can then save the signed document and email it to your approver (see Instructions for your Agency s specific approver,) or deliver the printed document to your approver.

About Digital Signatures From http://help.adobe.com/en_us/acrobat/standard/using/ws58a04a822e3e50102bd615109794195ff- 7d4a.w.html A digital signature, like a conventional handwritten signature, identifies the person signing a document. Unlike a handwritten signature, a digital signature is difficult to forge because it contains encrypted information that is unique to the signer. It can be easily verified and informs recipients whether the document was modified after the signer initially signed the document. To sign a document, you must obtain a digital ID or create a self-signed digital ID in Acrobat or Adobe Reader. The digital ID contains a private key and a certificate with a public key and more. The private key is used to create the digital signature. The certificate is a credential that is automatically applied to the signed document. The signature is verified when recipients open the document. When you apply a digital signature, Acrobat uses a hashing algorithm to generate a message digest, which it encrypts using your private key. Acrobat embeds the encrypted message digest in the PDF, certificate details, signature image, and a version of the document when it was signed. Digital signature in a PDF form What is a digital ID? From http://help.adobe.com/en_us/acrobat/standard/using/ws11dd809af63f0e1e- 43e0464b12b4384d3b6-8000.html Digital IDs include a private key that you safeguard and a public key (certificate) that you share. A digital ID is like an electronic driver s license or passport that proves your identity. A digital ID usually contains your name and email address, the name of the organization that issued it, a serial number, and an expiration date. Digital IDs are used for certificate security and digital signatures. Digital IDs contain two keys: the public key locks, or encrypts data; the private key unlocks, or decrypts that data. When you sign PDFs, you use the private key to apply your digital signature. The public key is in a certificate that you distribute to others. For example, you can send the certificate to those who want to validate your signature or identity. Store your digital ID in a safe place, because it contains your private key that others can use to decrypt your information. Why do I need one? You don t need a digital ID for most of the work you do in PDFs. For example, you don t need a digital ID to create PDFs, comment on them, and edit them. You need a digital ID to sign a document or encrypt PDFs through a certificate. How do I get one? You can get a digital ID from a third-party provider, or you can create a self-signed digital ID.

Self-signed digital IDs Self-signed digital IDs can be adequate for personal use or small-to-medium businesses. Their use should be limited to parties that have established mutual trust. IDs from certificate authorities Most business transactions require a digital ID from a trusted third-party provider, called a certificate authority. Because the certificate authority is responsible for verifying your identity to others, choose one that is trusted by major companies doing business on the Internet. The Adobe website gives the names of Adobe security partners that offer digital IDs and other security solutions. See Adobe Security Partner Community at www.adobe.com/security/partners/index.html. Create a self-signed digital ID Sensitive transactions between businesses generally require an ID from a certificate authority rather than a self-signed one. o In Acrobat, choose Tools > Sign & Certify > More Sign & Certify > Security Settings. Note: If you don t see the Sign & Certify or Protection panel, see the instructions for adding panels at Task panes. 2. Select Digital IDs on the left, and then click the Add ID button. 3. Select the option A New Digital ID I Want To Create Now, and click Next. 4. Specify where to store the digital ID, and click Next. o New PKCS#12 Digital ID File -- Stores the digital ID information in a file, which has the extension.pfx in Windows and.p12 in Mac OS. You can use the files interchangeably between operating systems. If you move a file from one operating system to another, o Acrobat still recognizes it. Windows Certificate Store (Windows only) -- Stores the digital ID to a common location from where other Windows applications can also retrieve it. 5. Type a name, email address, and other personal information for your digital ID. When you certify or sign a document, the name appears in the Signatures panel and in the Signature field. 6. (Optional) To use Unicode values for extended characters, select Enable Unicode Support, and then specify Unicode values in the appropriate boxes. 7. Choose an option from the Key Algorithm menu. The 2048-bit RSA option offers more security than 1024-bit RSA, but 1024-bit RSA is more universally compatible. 8. From the Use Digital ID For menu, choose whether you want to use the digital ID for signatures, data encryption, or both. 9. Type a password for the digital ID file. For each keystroke, the password strength meter evaluates your password and indicates the password strength using color patterns. Reconfirm your password. You can export and send your certificate file to contacts who can use it to validate your signature. Important: Make a backup copy of your digital ID file. If your digital ID file is lost or corrupted, or if you forget your password, you cannot use that profile to add signatures.

Register a digital ID To use your digital ID, register your ID with Acrobat or Reader. o In Acrobat, choose Tools > Protection > More Protection > Security Settings. 2. Select Digital IDs on the left. 3. Click the Add ID button. 4. Select My Existing Digital ID From and choose one of the following options: o A File -- Select this option if you obtained a digital ID as an electronic file. Follow the prompts to select the digital ID file, type your password, and add the digital ID to the list. o A Roaming Digital ID Stored On A Server -- Select this option to use a digital ID that s stored on a signing server. When prompted, type the server name and URL where the roaming ID is located. o A Device Connected To This Computer Select this option if you have a security token or hardware token connected to your computer. 5. Click Next, and follow the onscreen instructions to register your digital ID. Specify the default digital ID To avoid being prompted to select a digital ID each time your sign or certify a PDF, you can select a default digital ID. o In Acrobat, choose Tools > Protection > More Protection > Security Settings. 2. Click Digital IDs on the left, and then select the digital ID you want to use as the default. 3. Click the Usage Options button, and choose a task for which you want the digital ID as the default. To specify the digital ID as the default for two tasks, click the Usage Options button again and select a second option. A check mark appears next to selected options. If you select only the signing option, the Sign icon appears next to the digital ID. If you select only the encryption option, the Lock icon appears. If you select only the certifying option, or if you select the signing and certifying options, the Blue Ribbon icon appears. To clear a default digital ID, repeat these steps, and deselect the usage options you selected. Change the password and timeout for a digital ID Passwords and timeouts can be set for PKCS #12 IDs. If the PKCS #12 ID contains multiple IDs, configure the password and timeout at the file level. Note: Self-signed digital IDs expire in five years. After the expiration date, you can use the ID to open, but not sign or encrypt, a document.

o In Acrobat, choose Tools > Protection > More Protection > Security Settings. 2. Expand Digital IDs on the left, select Digital ID Files, and then select a digital ID on the right. 3. Click the Change Password button. Type the old password and a new password. For each keystroke, the password strength meter evaluates your password and indicates the password strength using color patterns. Confirm the new password, and then click OK. 4. With the ID still selected, click the Password Timeout button. 5. Specify how often you want to be prompted for a password: o Always -- Prompts you each time you use the digital ID. o After -- Lets you specify an interval. o Once Per Session -- Prompts you once each time you open Acrobat. o Never -- You re never prompted for a password. 6. Type the password, and click OK. Be sure to back up your password in a secure place. If you lose your password, either create a new self-signed digital ID and delete the old one, or purchase one from a third-party provider. Delete your digital ID When you delete a digital ID in Acrobat, you delete the actual PKCS #12 file that contains both the private key and the certificate. Before you delete your digital ID, ensure that it isn t in use by other programs or required by any documents for decrypting. Note: You can delete only self-signed digital IDs that you created in Acrobat. A digital ID obtained from another provider cannot be deleted. o In Acrobat, choose Tools > Protection > More Protection > Security Settings. 2. Select Digital IDs on the left, and then select the digital ID to remove. 3. Click Remove ID, and then click OK. Protecting digital IDs By protecting your digital IDs, you can prevent unauthorized use of your private keys for signing or decrypting confidential documents. Ensure that you have a procedure in place in the event your digital ID is lost or stolen. How to protect your digital IDs When private keys are stored on hardware tokens, smart cards, and other hardware devices that are password- or PIN-protected, use a strong password or PIN. Never divulge your password to others. If you must write down your password, store it in a secure location. Contact your system administrator for guidelines on choosing a strong password. Keep your password strong by following these rules: Use eight or more characters. Mix uppercase and lowercase letters with numbers and special characters. Choose a password that is difficult to guess or hack, but that you can remember without having to write it down.

Do not use a correctly spelled word in any language, as they are subject to dictionary attacks that can crack these passwords in minutes. Change your password on a regular basis. Contact your system administrator for guidelines on choosing a strong password. To protect private keys stored in P12/PFX files, use a strong password and set your password timeout options appropriately. If using a P12 file to store private keys that you use for signing, use the default setting for password timeout option. This setting ensures that your password is always required. If using your P12 file to store private keys that are used to decrypt documents, make a backup copy of your private key or P12 file. You can use the backed up private key of P12 file to open encrypted documents if you lose your keys. The mechanisms used to protect private keys stored in the Windows certificate store vary depending on the company that has provided the storage. Contact the provider to determine how to back up and protect these keys from unauthorized access. In general, use the strongest authentication mechanism available and create a strong password or PIN when possible. What to do if a digital ID is lost or stolen If your digital ID was issued by a certificate authority, immediately notify the certificate authority and request the revocation of your certificate. In addition, you should not use your private key. If your digital ID was self-issued, destroy the private key and notify anyone to whom you sent the corresponding public key (certificate). Smart cards and hardware tokens A smart card looks like a credit card and stores your digital ID on an embedded microprocessor chip. Use the digital ID on a smart card to sign and decrypt documents on computers that can be connected to a smart card reader. Some smart card readers include a keypad for typing a personal identification number (PIN). Similarly, a security hardware token is a small, keychain-sized device that you can use to store digital IDs and authentication data. You can access your digital ID by connecting the token to a USB port on your computer or mobile device. If you store your digital ID on a smart card or hardware token, connect it to your device to use it for signing documents.