Concept of Electronic Approvals



Similar documents
Business Issues in the implementation of Digital signatures

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, Page 1

Securing your Online Data Transfer with SSL


User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

Security Digital Certificate Manager

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Security Digital Certificate Manager

Understanding digital certificates

Installing your Digital Certificate & Using on MS Out Look 2007.

E-Lock ProSigner vs. In-built Acrobat 6.0 signatures

Adobe PDF for electronic records

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.

Ericsson Group Certificate Value Statement

7 Key Management and PKIs

Guide Installing Digital Certificates in Outlook 2000

Using Entrust certificates with Adobe PDF files and forms

Purpose of PKI PUBLIC KEY INFRASTRUCTURE (PKI) Terminology in PKIs. Chain of Certificates

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

Ciphermail S/MIME Setup Guide

Certification Practice Statement

Document Management Getting Started Guide

TELSTRA RSS CA Subscriber Agreement (SA)

CSC/ECE 574 Computer and Network Security. What Is PKI. Certification Authorities (CA)

State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008

SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION

CALIFORNIA SOFTWARE LABS

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Configuring DoD PKI. High-level for installing DoD PKI trust points. Details for installing DoD PKI trust points

Technical Description. DigitalSign 3.1. State of the art legally valid electronic signature. The best, most secure and complete software for

Public Key Infrastructure (PKI)

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

HMRC Secure Electronic Transfer (SET)

Understanding Digital Signature And Public Key Infrastructure

Key Management and Distribution

HKUST CA. Certification Practice Statement

APPLICATION FOR DIGITAL CERTIFICATE

Neutralus Certification Practices Statement

Key Management and Distribution

Certification Practice Statement

Future directions of the AusCERT Certificate Service

Strategies for the implementation of a Public Key Authentication Framework (PKAF) in Australia

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University

dobe Acrobat XI Pro Digital Signatures

Djigzo S/MIME setup guide

NIST Test Personal Identity Verification (PIV) Cards

Validating Digital Signatures in Adobe

Certipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012

X.509 Certificate Generator User Manual

Administration Guide Certificate Server May 2013

Receiving Secure from Citi For External Customers and Business Partners

CSE543 - Introduction to Computer and Network Security. Module: Public Key Infrastructure

IBM i Version 7.3. Security Digital Certificate Manager IBM

HP ProtectTools Embedded Security Guide

Secure Part II Due Date: Sept 27 Points: 25 Points

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Publicly trusted certification authorities (CAs) confirm signers identities and bind their public key to a code signing certificate.

Expert Reference Series of White Papers. Fundamentals of the PKI Infrastructure

Apple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.

Certificates. Noah Zani, Tim Strasser, Andrés Baumeler

Integrated SSL Scanning

Using etoken for Securing s Using Outlook and Outlook Express

Class 3 Registration Authority Charter

OB10 - Digital Signing and Verification

What Are Certificates?

How To Understand And Understand The Security Of A Key Infrastructure

Chapter 7 Managing Users, Authentication, and Certificates

Overview. SSL Cryptography Overview CHAPTER 1

StartCom Certification Authority

SEZ SEZ Online Manual Digital Signature Certficate [DSC] V Version 1.2

Building a Digital Signature to Meet State Statute Requirements Using a Certificate Authority. Adobe Acrobat Pro DC (Released July 2015)

CERTIFICATION PRACTICE STATEMENT UPDATE

Ford Motor Company CA Certification Practice Statement

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

TERMS OF USE FOR PUBLIC LAW CORPORATION PERSONAL CERTIFICATES FOR QUALIFIED DIGITAL SIGNATURE

associate professor BME Híradástechnikai Tanszék Lab of Cryptography and System Security (CrySyS)

Arkansas Department of Information Systems Arkansas Department of Finance and Administration

CSOS Certificate Support Guide. Version: 1.1 Published: October 1, 2006 Publisher: CSOS Certification Authority

Cryptography and Network Security Chapter 14. Key Distribution. Key Management and Distribution. Key Distribution Task 4/19/2010

Lecture VII : Public Key Infrastructure (PKI)

Certificate Management. PAN-OS Administrator s Guide. Version 7.0

Digital Signatures on iqmis User Access Request Form

GlobalSign Digital IDs for Adobe AIR Code Signing

Trust Service Principles and Criteria for Certification Authorities

DEPARTMENT OF DEFENSE PUBLIC KEY INFRASTRUCTURE EXTERNAL CERTIFICATION AUTHORITY MASTER TEST PLAN VERSION 1.0

Certificate Policies and Certification Practice Statements

Cryptography and Network Security Chapter 14

NetIQ Certificate Server 8.8 SP8. Administration Guide

Grid Computing - X.509

Mobile OTPK Technology for Online Digital Signatures. Dec 15, 2015

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Digital Certificate for Corporate Internet Banking - User Guide

DIGITAL SIGNATURE AS A TOOL TO ACHIEVE COMPETITIVE ADVANTAGE OF ORGANIZATION

Transcription:

E-Lock Technologies Contact info@elock.com

Table of Contents 1 INTRODUCTION 3 2 WHAT ARE ELECTRONIC APPROVALS? 3 3 HOW DO INDIVIDUALS IDENTIFY THEMSELVES IN THE ELECTRONIC WORLD? 3 4 WHAT IS THE TECHNOLOGY BEHIND DIGITAL CERTIFICATES? 3 5 WHERE DO I STORE MY DIGITAL CERTIFICATE? 4 5.1 IN THE SECURITY FRAMEWORK ON YOUR COMPUTER (VISIBLE THROUGH YOUR BROWSER) 4 5.2 IN A FILE 4 5.3 ON A SMART CARD 4 6 HOW DO YOU USE DIGITAL CERTIFICATES TO SIGN DOCUMENTS? 5 7 WHAT DOES DIGITAL SIGNING AND VERIFICATION OF A DOCUMENT INVOLVE? 5 8 WHAT IS THE DIFFERENCE BETWEEN SIGNING AND ENCRYPTING DOCUMENTS? 6 9 WHAT MAKES FOR A GOOD ELECTRONIC SIGNATURE SOLUTION? 6 E-Lock 2 of 7

1 INTRODUCTION This document explains the concept of electronic approvals and what is involved. It goes indepth to explain all the elements and helps you understand how an electronic signature solution works. 2 WHAT ARE ELECTRONIC APPROVALS? Electronic approvals refer to taking the approval and signing process online enabling individuals, organizations and governments to quickly authorize and sign and approve documents and transactions. Electronic Approvals represent considerable time and cost savings over traditional paper intensive methods. More importantly, electronic approvals have now acquired legal status and carry the same weight as paper based documents. Several countries across the world have passed electronic signature legislation, laying down the terms and conditions for legally binding electronic transactions. 3 HOW DO INDIVIDUALS IDENTIFY THEMSELVES IN THE ELECTRONIC WORLD? Digital Certificates help in identifying and establishing the credentials of individuals participating in on-line communication or transactions. Individuals are proofed and then issued certificates that can be used in online transactions. These certificates vouch for the owner s identity and/or association with a particular organization and endorse his/her authority to participate in specific transactions. Certificates are issued and managed by trusted third parties known as Certificate Authorities (CA s). 4 WHAT IS THE TECHNOLOGY BEHIND DIGITAL CERTIFICATES? The underlying technology to digital certificates is called PKI or Public Key Infrastructure. This technology is based on cryptography and it utilizes what is known as a "key pair" - a public key and a private key. These are nothing but 2 pieces of mathematically related information. Both these together comprise the digital certificate. The private key is always under the sole control of the owner and the public key can be distributed to other users. The private key cannot be compromised through knowledge of the associated public key. Each key in the key pair performs the inverse function of the other. What one key does, only the other can undo. The private key is used for signing and decrypting a message or a document while the public key is used to verify or encrypt. All this is transparent to the user. E-Lock 3 of 7

This is what a digital certificate looks like. It contains information on: The person it is issued to The Issuer The validity period 5 WHERE DO I STORE MY DIGITAL CERTIFICATE? You can opt to store your certificate in one or all of the following ways: 5.1 IN THE SECURITY FRAMEWORK ON YOUR COMPUTER (VISIBLE THROUGH YOUR BROWSER) If you open Internet Explorer and go to Tools Internet Options Content Tab you will see a section called Certificates. This corresponds to the security framework, which is present on your computer by default. This is the most common place to store certificates. If you click the certificate button, you will see some certificates that are already present on your computer. This is divided into an area for your own personal certificates, other people s certificates and CA root certificates. 5.2 IN A FILE You can opt to store your certificate to a file. It will have one of the following extensions: pfx or p12. 5.3 ON A SMART CARD This is the most secure way to store your certificate. It is also convenient for users that are mobile; this provides a way for them to carry their certificate with them wherever they go. E-Lock 4 of 7

6 HOW DO YOU USE DIGITAL CERTIFICATES TO SIGN DOCUMENTS? Once you acquire a digital certificate, Digital Signature applications enable you utilize that certificate to sign documents electronically. Since a digital certificate vouches for your electronic identity, the application of that certificate to any data (documents or transactions) establishes a user s connection to a document. 7 WHAT DOES DIGITAL SIGNING AND VERIFICATION OF A DOCUMENT INVOLVE? When you digitally sign a document, you re actually binding your digital certificate (and thus your identify) to the contents of the document. When you sign (using your certificate), an algorithm is used to create a hash of the application of your certificate to the document. This hash is then internally encrypted (not to be confused with encrypting a document) using the private key component of your certificate. This encrypted hash is the actual digital signature. The public key component of the certificate and the hash created travels transparently with the signed document. This signed document can then be routed to the recipient. When the Recipient attempts to verify the signed document, the public key that travels along with the signed document is first used to decrypt the digital signature; the hash is retrieved on doing this. Another hash is created on the recipients end, and this hash is compared with the older hash. If both match, then the verification is deemed successful. When Verification is successful, is means that No changes have been made to the document after signing. It also identifies the signer of the document to the recipient (through the digital certificate). The recipient can therefore be certain of who the document came from. 8 HOW DO I CHECK IF A DOCUMENT HAS BEEN SIGNED USING A VALID CERTIFICATE? At the time of issue, certificates are given a fixed life span and expire at the end of this set period. There are several reasons for why a certificate might need to be revoked much before the due expiry date such as in the case of a change in job status, termination of employment or suspected private key compromise. For instance when individuals in positions of authority change organizations or for some reason are no longer associated with a particular organization, their authority and subsequently their digital certificates, which represent this authority need to be revoked. Under certain circumstances, a user may personally initiate revocation of his/her own certificate (for eg due to suspected compromise of the corresponding private key). Timely E-Lock 5 of 7

certificate revocation ensures that the certificate will not be used either accidentally or deliberately for unauthorized participation in transactions. It is important that your electronic signature solution is capable of checking the status of certificates that have been used to sign documents. Certificate Authorities periodically publish lists of revoked certificates called Certificate Revocation Lists (CRLs). The CRL location for a particular Certificate Authority is typically mentioned in the details of any certificate issued by that CA and the location is called a CRLDP (Certificate Revocation List Distribution Point) A Certificate Revocation List The CRLDP as specified in a certificate 9 WHAT IS THE DIFFERENCE BETWEEN SIGNING AND ENCRYPTING DOCUMENTS? The major difference between signing and encrypting documents is that when you sign a document you are certifying the contents and when you encrypt it you are blocking the content from all except the intended recipient(s). A signed document is visible by all but an encrypted document is only visible to the person(s) that have the authority to decrypt it. In most cases you would need to just sign the document, however if the content is of highvalue or confidential, you may want to encrypt it so only the intended persons can view it. 10 WHAT MAKES FOR A GOOD ELECTRONIC SIGNATURE SOLUTION? A good solution is one that combines ease of use with strong security that s transparent to the user. It s important that users be able migrate to the new electronic system with a minimal learning curve. As such, the electronic signature solution should be intuitive to use, and easily scaleable to meet future needs. The signature solution should work with any Digital Certificate issued by a recognized Certificate Authority (x.509 is the certificate format standard). This ensures PKI independence. It should also interoperate with smart cards and signature capture devices, as these elements combine to offer users a complete solution. It helps if user functions are wizard based for ease of use to even first time users and if settings for common operations can be preset and automated. It s also a good idea if the E-Lock 6 of 7

solution allows for security policies so you can control and define how security is used complied with in your organization. Lastly, a good signature solution should comply with at least the key conditions laid down in the digital signature legislation of your country (if applicable). E-Lock 7 of 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information