Digital signatures provide an efficient way to cut costs and manage risks compared to traditional handwritten signatures. They authenticate the sender, maintain data integrity, and prevent repudiation. A digital signature solution can sign and verify documents and emails in various formats like PDF, XML, and files. It integrates easily with business applications and provides features like signing workflows, auto file processing, and secure email signing. Digital signatures comply with regulations and provide security, audit trails, and non-repudiation for online commercial transactions.
2. Signature
A person’s name written in a distinctive way, pattern or characteristic as a form of identification by which someone or something can be identified
RafidahAriffin
3. History of Signature
The Sumerians, inventors of writing, also invented the first authentication mechanism: intricate seals.
4. History of Signature
The practice of affixing handwritten signatures began within the Roman Empire in the year AD 439, during the rule of Valentinian III.
This practice has remained unchanged for over 1,400 years. Today it is still used and applied in much the same way: by scribbling one’s own name.
7. However, Handwritten Signatures…
• Easily forged
• Does not maintain data integrity
• Can be repudiated
8. Digital Signature
Also known as “Electronic Signature”, “Digital Signature Scheme” or “electronic seal”.
A binary or digital code attached to an electronically transmitted message or document that authenticates and executes the document and identifies the signatory.
10. “Security and commitment are key issues for commercial online transactions, as the Internet is an open network prone to problems such as identity, legal commitment, third party interference and manipulation of information.”
- Malaysian Communication and Multimedia Commission (MCMC)
Introduces and implements the usage of Digital Certificate for Internet based commercial transactions.
In effect since 1st Oct 1998
13. Long-term Signature vs Basic Signature
• Basic signature: hash encrypted with signer private key (101100110101…)
• Long-term signature: hash encrypted with signer private key (101100110101…), plus certificate status info and timestamp
14. Why is a long-term signature important?
E.g. Bank Negara requires records to be kept for 7 years.
Throughout those 7 years, a long-term signature will preserve the validity of the signer's signature.
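Why the extra data matters when a record is checked years later, as an added example (not part of the original slides or of ADSS): a simplified validator that judges a basic signature at verification time and a long-term one at its timestamp. The class, function and sample dates are constructed for illustration, and the cryptographic check of the signature value is reduced to a SHA-256 digest comparison.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

@dataclass
class SignedRecord:
    digest: bytes                               # SHA-256 of the document as signed
    cert_not_before: datetime                   # signer certificate validity window
    cert_not_after: datetime
    timestamp: Optional[datetime] = None        # long-term only: TSA-asserted signing time
    status_good_at: Optional[datetime] = None   # long-term only: embedded OCSP/CRL "good" answer

def validate(rec, document, now, live_status_good=None):
    """Return VALID, TAMPERED, CERT_NOT_VALID, REVOKED or INDETERMINATE."""
    if hashlib.sha256(document).digest() != rec.digest:
        return "TAMPERED"
    long_term = rec.timestamp is not None and rec.status_good_at is not None
    # A long-term signature is judged at its timestamped signing time;
    # a basic one can only be judged at the moment of verification.
    ref = rec.timestamp if long_term else now
    if not (rec.cert_not_before <= ref <= rec.cert_not_after):
        return "CERT_NOT_VALID"
    if long_term:
        # Simplification: the embedded status answer must not predate the timestamp.
        return "VALID" if rec.status_good_at >= rec.timestamp else "INDETERMINATE"
    # Basic signature: needs a live OCSP/CRL answer (None = none obtainable).
    if live_status_good is None:
        return "INDETERMINATE"
    return "VALID" if live_status_good else "REVOKED"

# Constructed sample: signed in 2015 with a two-year certificate.
DOC = b"Statement of account (constructed sample)"
CERT = (datetime(2014, 6, 1), datetime(2016, 6, 1))
BASIC = SignedRecord(hashlib.sha256(DOC).digest(), *CERT)
LONG_TERM = SignedRecord(hashlib.sha256(DOC).digest(), *CERT,
                         timestamp=datetime(2015, 1, 10),
                         status_good_at=datetime(2015, 1, 11))

def audit_results():
    soon, audit = datetime(2015, 2, 1), datetime(2022, 1, 9)  # audit is ~7 years later
    return {
        "basic_soon": validate(BASIC, DOC, soon, live_status_good=True),
        "basic_audit": validate(BASIC, DOC, audit),
        "long_term_audit": validate(LONG_TERM, DOC, audit),
        "tampered_audit": validate(LONG_TERM, DOC + b"!", audit),
    }

if __name__ == "__main__":
    print(audit_results())
```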
16. Advanced Digital Signature Solution (ADSS)
• Protecting information output
– signing and timestamping, notarising and archiving services for e-invoicing, statements, acceptances, reports etc
• Protecting inbound information
– notarising/timestamping and archiving services for any received information for larger organisations
• Protecting internal document workflows
– signing/approving documents or data to confirm a chain of approval (Server or Client held documents)
• Confirming external transactions
– Using intelligent web-forms that result in both end-user signing and corporate counter signing
– Allowing client documents and files to be signed + uploaded
17. ADSS - Services
Comprehensive e-business trust services
• Digital Signature creation - Server-side & client-side
• Digital Signature Verification Service
• Certificate Validation - OCSP client and OCSP Server
• Timestamp - TSA Server
• Web-services Certificate Authority Services
18. ADSS – Integration Option
Comprehensive integration options
• Web-services and HTTP, HTTPS services
• Auto File Processor (Watched Folder Mode)
• Secure Email Server
• Integration with business application that requires workflow
21. ADSS Client-side signing
[Diagram labels: User, Firewall, Business application, ADSS Infrastructure Servers, Firewall, External CAs for OCSP and CRL data]
• Signing locally using local keys
• Signature Verification using trusted CA details
• Go>Sign Professional includes PDF viewing and signing functionality. It also enables DLP by controlling local saving, local printing and screen copy.
22. ADSS Client-side signing
• Documents can be signed anytime, anywhere
• A move from expensive paper-based processes to electronic documents
• DLP features included
• Signed using a locally held private key from a trustable third party
• Protected under Digital Signature Act 1997
EFFICIENT
CUT COST
MANAGE RISK
24. ADSS Workflow Signing / Verification
• Documents can be signed immediately by multiple people who might not reside in the same office
• Can be integrated with any business application – document management system
• A move from expensive paper-based processes to electronic documents
• A single solution which offers multiple functions – signing, time stamping & verification
EFFICIENT
CUT COST
MANAGE RISK
• Signed using private keys from a trustable third party
• Document’s integrity guaranteed with time stamping
• Protected under Digital Signature Act 1997
• Documents hashed using SHA-1 or SHA-2 with long key lengths
25. Auto File Processor (AFP) – File Signing & Verifying
[Diagram: Input Folders (final documents to be signed), Auto File Processor, ADSS Server, Output Folders (signed documents)]
Auto File Processor is a separate Client Application that can:
• Watch multiple input folders
• Process documents intelligently
• Use one or multiple load-balanced ADSS Servers to sign documents
ADSS Server:
• Manages each Signing Profile
• Manages all signing keys
• Performs signature generation
• Logs all transactions
• Provides detailed reports
One ADSS Server can be used, or for high availability two load-balanced ADSS Servers can be used.
26. Auto File Processor (AFP) – File Signing & Verifying
• Multiple documents can be signed with a click of a mouse
• Signed documents are placed in separate folders
• A move from expensive paper-based processes to electronic documents
• Add new features to existing business application
EFFICIENT
CUT COST
MANAGE RISK
• Signed using private keys from a trustable third party
• Document’s integrity guaranteed with time stamping
• Protected under Digital Signature Act 1997
• All requests are securely logged
27. Secure Email Server - signing email & attachments
• Sign emails that are sent or received
• Sign email attachments
[Diagram labels: ERP System, Secure Email Server, ADSS Server, Internet, Recipient]
1) ERP system sends email
2) Request signature
3) Signature
4) Forward email
5) Recipient receives signed email
28. Secure Email Server - signing email & attachments
• Emails & attachments can be signed and verified automatically
• Preserves integrity
• Filter selection policies can be configured to define the type of emails to verify
• A move from expensive paper-based processes to electronic documents
• Add new features to existing business application
EFFICIENT
CUT COST
MANAGE RISK
• Sender & receiver clearly identified
• Signed using private keys from a trustable third party
• Protected under Digital Signature Act 1997
• All requests are securely logged
29. Advanced Digital Signature Solution (ADSS)
• Provides multiple services
– Reducing the number of individual products required
• Provides a range of interfacing options
– Easy integration with existing business workflows
• Handles a number of document formats
– Supporting business needs for PDF, XML and Files
• Provides a range of signature formats
– Comprehensive signing and verification services
• Provides a single point of management & audit
– Comprehensive event and transactional logging
– Secure web-based management with role-based access controls
– Simplifies operational activities, reduces management and training costs, reduces implementation & system costs
30. ADSS - References
FINANCIAL INSTITUTION
• Deutsche Bundesbank and Banca d’Italia – To verify XML signatures using long term and archive signature for security & legal strength
• LeasePlan, Belgium selected ADSS PDF Server to sign invoices and other documents. Several thousand documents are signed each month using long-term PDF PAdES signatures.
GOVERNMENT
• The British Library, UK - Long-term evidencing for the BL online digital media archive.
• The National Communications Authority (ANACOM), Portugal - Uses digital signatures for traceability, accountability and integrity to its business document workflows.