Speaker Background. Use of Digital Signatures to Sign Drawings. Presentation Outline 1/18/2016. (and Other Documents)

Similar documents
Secure Data Exchange Solution

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Using Entrust certificates with Adobe PDF files and forms

Business Issues in the implementation of Digital signatures

Building a Digital Signature to Meet State Statute Requirements Using a Certificate Authority. Adobe Acrobat Pro DC (Released July 2015)

Digital Signatures on iqmis User Access Request Form

Adobe Digital Signatures in Adobe Acrobat X Pro

Future directions of the AusCERT Certificate Service

CoSign for 21CFR Part 11 Compliance

Adobe Developer Workshop Series

Authentication Levels. White Paper April 23, 2014

Minnesota State Colleges and Universities System Guideline Chapter 5 Administration

Inside Electronic Signature APIs

10 Tips for Selecting the Best Digital Signature Solution

Signature Authentication

Securing Adobe PDFs. Adobe - Certified Document Services Registration Authority (RA) Training. Enterprise Security. ID Verification Services

Adobe Acrobat 9 Digital Signatures, Changes and Improvements

Concept of Electronic Approvals

Controller of Certification Authorities of Mauritius

dobe Acrobat XI Pro Digital Signatures

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Full Compliance Contents

Digital Signature Certification Workflow

Intertek esignature Customer Reference Document Author: Application Support. Page 1 of 17

Oracle WebCenter Content

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Arkansas Department of Information Systems Arkansas Department of Finance and Administration

Using the Payment Processing Feature

Guide Installing Digital Certificates in Outlook 2000

Understanding Digital Signature And Public Key Infrastructure

TERMS OF USE FOR PUBLIC LAW CORPORATION PERSONAL CERTIFICATES FOR QUALIFIED DIGITAL SIGNATURE

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions

SAFE Digital Signatures in PDF

Publicly trusted certification authorities (CAs) confirm signers identities and bind their public key to a code signing certificate.

TERMS OF USE TITLE CERTIFICATES FOR ELECTRONIC SIGNATURE

State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008

This Month s Tips & Tricks Topic: PDF Digital Signatures - Part 1: The Basics

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

OB10 - Digital Signing and Verification

Digital Signatures For Engineering Documents

Digital Signature. Signatures on the documents submitted in electronic form. Under the provision of IT Act, 2000, the office of Controller of

SSL Overview for Resellers

How to use Certificate in Outlook Express

Guidelines Related To Electronic Communication And Use Of Secure Central Information Management Unit Office of the Prime Minister

Security Yokogawa Users Group Conference & Exhibition Copyright Yokogawa Electric Corporation Sept. 9-11, 2014 Houston, TX - 1 -

An Introduction to CODE SIGNING

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

Requiring Digital Signatures and Certificates

Security Digital Certificate Manager

esign Online Digital Signature Service

Digital Signatures in a PDF

Security Digital Certificate Manager

Digital Signature: Efficient, Cut Cost and Manage Risk. Formula for Strong Digital Security

Mobile OTPK Technology for Online Digital Signatures. Dec 15, 2015

Information Security Basic Concepts

Adding Digital Signature and Encryption in Outlook

Installing your Digital Certificate & Using on MS Out Look 2007.

Mashery OAuth 2.0 Implementation Guide

How much do you pay for your PKI solution?

CoSign by ARX for PIV Cards

GLOBAL JOURNAL OF ENGINEERING SCIENCE AND RESEARCHES

Public Key Infrastructure (PKI)

Innovations in Digital Signature. Rethinking Digital Signatures

Digital Signature User Guide for Acrobat 9.0 and Adobe Reader 9.0

Case CATalyst is digital-signature ready! Introduction What are digital signatures?... 3

Adobe PDF for electronic records

Ericsson Group Certificate Value Statement

Fighting product clones through digital signatures

secure2sign: Secure and Seamless Enterprise Signing for Word (including 2007).

INTEGRATION GUIDE MS OUTLOOK 2003 VERSION 2.0

X.509 Certificate Generator User Manual

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

Expert Reference Series of White Papers. Fundamentals of the PKI Infrastructure

HOW IT WORKS E-SIGNLIVE 1 INTRODUCTION 2 OVERVIEW

understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

Electronic and Digital Signatures

SECURITY IN ELECTRONIC COMMERCE - SOLUTION MULTIPLE-CHOICE QUESTIONS

Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Guidelines for Developing Cryptographic Service Providers (CSPs) for Acrobat on Windows

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

CODE SIGNING. Why Developers Need to Digitally Sign Code and Applications entrust.com

Two factor strong authentication. Complex solution for two factor strong authentication

POLICY ISSUES IN E-COMMERCE APPLICATIONS: ELECTRONIC RECORD AND SIGNATURE COMPLIANCE FDA 21 CFR 11 ALPHATRUST PRONTO ENTERPRISE PLATFORM

The following information is provided by ARX, Inc. to aid customers in their evaluation of CoSign for SharePoint (C4SP).

Entrust IdentityGuard

Agilent MicroLab Software with Spectroscopy Configuration Manager and Spectroscopy Database Administrator (SCM/SDA)

Neutralus Certification Practices Statement

Ciphire Mail. Abstract

EMA esignature capabilities: frequently asked questions relating to practical and technical aspects of the implementation

Using Entrust certificates with Microsoft Office and Windows

Empower TM 2 Software

Information Security

Trustis FPS PKI Glossary of Terms

WHITE PAPER Usher Mobile Identity Platform

Biometric Authentication using Online Signature

Digital Signature Application

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

Transcription:

Use of Digital Signatures to Sign Drawings (and Other Documents) PLSO 2016 Conference Eugene, OR January 20, 2016 Speaker Background Author: CH-P04-0502-G-Digital Stamping Instructions Engineering and IT experience Rob Brawn, PE, OR Dir, Automation Systems CH2M HILL Presentation Outline Why use digital signatures? What is a digital signature? Third party certification What is it? Why is it important? Validation of signed documents Clarification regarding original documents Enabling multiple signers Using multi-sheet document sets Securing certificates Outlook for digital signatures Turnkey signing solutions Concluding remarks Discussion and questions 1

Benefits of Digital Signatures Saves time and money Work is performed in many locations - no delay, no FedEx or paper charges Encrypts content to prevent modification Controls access to content Manage who can access what content when Secures intellectual property (IP) Challenges to Deployment Awareness of capability and benefits Configuring the system Training Is this a Digital Signature? 2

From Wikipedia - Digital Signature A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or documents. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, that the sender cannot deny having sent the message (authentication and non-repudiation), and that the message was not altered in transit (integrity). Digital Signatures are Enabled by Digital Certificates Public Key Issued by a certificate authority (CA) Publicly verifiable Private Key Under control of the signer Not shared Note: The digital signature is secured by the private key and the certificate authority Knock, Knock 3

John Smith Who s there? Sure, let me show you Can you show me your ID? 4

Sure, let me show you ACME, LLC John Smith #12345 541-222-9999 Headquarters Can you verify John Smith, employee #12345? ACME, LLC John Smith #12345 541-222-9999 Yes, John Smith is authorized to be at your residence Thank you! 5

3 rd Party Certification 3 rd Party Certificate Request Document Signer Document Recipient Typical Components of a Digital Certificate Serial Number: Used to uniquely identify the certificate Subject: The person, or entity identified Signature Algorithm: The algorithm used to create the signature Signature: The actual signature to verify that it came from the issuer Issuer: The entity that verified the information and issued the certificate Valid-From: The date the certificate is first valid from Valid-To: The expiration date Key-Usage: Purpose of the public key (e.g. encipherment, signature, certificate signing...). Public Key: The public key Thumbprint Algorithm: The algorithm used to hash the public key certificate Thumbprint (also known as fingerprint): The hash itself, used as an abbreviated form of the public key certificate. 3 rd Party Certification Document Recipient Public Key Private Key Document Signer 6

Public Key Public Key Private Key 3 rd Party Certification 3 rd Party Certification Encrypted Private Document Key Document Signer Document Signer Whatever is encrypted with a Private Key may only be decrypted by its corresponding Public Key and vice versa Document Recipient Document Recipient Verification by Certificate Authority (3 rd Party) Validity of individual Validity of certificate Expired Revoked Self-Issued Certificate ID: first.last@company.com Document Recipient Public Key Private Key Public Key Document Signer Cannot verify certificate unless there is implicit trust between both parties 7

Potential Types of Security Threats Security Risks Are Minimized by Use of Spoof 3 rd Party Certificate Man in the Middle Authority Brute Force Search Side Channel Attack 8

9

Where is the Original Document? The digitally signed document is the original Electronic format Usually PDF but could be DWG, DGN, DOCX, XLSX, PPTX, Email, etc. There can be multiple copies of digitally signed documents and each is valid All paper forms of digital documents are copies Copies are uncontrolled Modified digitally signed documents are no longer signed Unsigned electronic documents are not originals Create a Set of Signatures 10

Certify (Visible) Single Signer Image of seal and/or signature Certify (Not Visible) Single Signer No image visible in document Sign with Certificate Multi-discipline drawings, specs, forms Image(s) of seal and/or signature Last signer locks the document Each signer is tracked 11

Workflow for Document Packages Doc A Discipline X PDF Portfolio Work package Doc B Discipline Y Multi- Doc C Specifications Workflow for Document Packages Extracting a Document From a Package Doc A Discipline X PDF Portfolio Work package PDF Portfolio Work package Doc B Discipline Y Doc A Discipline X Specifications Extracted Document Remains Multi- Doc C Doc B Multi- Doc C Discipline Y Specifications 12

PDF Portfolio vs. Composite PDF PDF Portfolio Multiple signers Audit for each document Dynamic reordering of documents Extracted documents remain signed Batch printing Composite PDF Single signer Extracted pages are not signed Batch printing Smart Card vs. Computer Storage CH2M Certificate Request Process Certificate Authority Smart Card Computer Storage Pro Portable to other devices Secured by PIN Con Requires installation process Cost of smart card Pro Simple No extra cost Con Fixed to a computer or certificate must be exported Only secured by computer s file system Email Confirmation Containing Only Password Certificate Request Certificate Requestor Email Containing Only Certificate Certificate Installed with Password PIN applied to USB Smart Card PIN: **** 13

Digital Signature Usage Will Increase Turn around time in approving and packaging documents Exchange of model information for construction/fabrication Mobile access to validated information Online plan review and permitting Need for security will increase State Requirements are Met (5) A digital signature, as an option to a handwritten signature in permanent ink is acceptable for final documents. (a) The digital signature must be: (A) Unique to the registrant using it; and (B) Capable of verification; and (C) Under the sole control of the registrant using it; and (D) Linked to a document in such a manner that the digital signature is invalidated if any data in the document is changed. (b) Documents signed using a digital signature will bear the phrase digital signature in place of the handwritten signature. 14

Turnkey Digital Signature Solutions Simple to use and easy to get started Most cost effective at smaller scale Large organizations may need certificate management for other functions Servers/websites Code Many solutions for business documents not as many for drawings Example Turnkey Solutions Adobe EchoSign LiveCycle DocuSign DocuSign CoSign (ARX) Other References USB Smart Cards Search usb digital signature token Certificate Authorities Search certificate authorities 15

Conclusion Digital signatures save time and money Need for security of information will continue to increase Barrier to entry is low Use turnkey solutions Leverage existing IT infrastructure Now is the time to become familiar with digital signatures 16

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information