Digital Signatures in the Cloud: A B2C Case Study

Download Digital Signatures in the Cloud: A B2C Case Study

Post on 17-Jul-2015

316 views

Category:

Internet

1 download

Embed Size (px)

TRANSCRIPT

<ul><li><p>Digital Signatures for the Cloud: A B2C Case Study</p></li><li><p>GlobalSign Webinar</p><p>MEET THEPRESENTERS</p><p>VERAIORDANOVA</p><p>MARKETING DIRECTOR </p><p>ITEXT</p><p>EVAN WAJDA</p><p>SALES ENGINEER</p><p>GLOBALSIGN</p><p>PROJECT MANAGER</p><p>ZETES</p><p>GEERTPEETERS</p></li><li><p>GlobalSign Webinar</p><p>WHATYOU WILLLEARNTODAY</p><p>1</p><p>2 Solution Architectures</p><p>3B2C Case Study: Zetes eaZySign </p><p>Platform</p><p>Digital Signatures Overview</p><p>4 Why PDF for Digital Signatures</p></li><li><p>GlobalSign Webinar</p><p>Type your questions and comments. Well answer them all at the end of the webinar. </p><p>STAYENGAGED</p><p>Follow us on Twitter @globalsign@itext</p></li><li><p>GlobalSign Webinar</p><p>/// DIGITAL SIGNATURES OVERVIEW</p></li><li><p>GlobalSign Webinar</p><p>WHAT ARE DIGITAL SIGNATURES?</p><p>DIGITAL CERTIFICATE DOCUMENT</p><p>+ =</p><p>DIGITALLY SIGNED DOCUMENT</p></li><li><p>GlobalSign Webinar</p><p>WHAT DO WE NEED FROM DIGITAL SIGNATURES?</p><p>Integrity</p><p>Authenticity</p><p>Non-repudiation</p></li><li><p>GlobalSign Webinar</p><p>HOW DIGITAL SIGNATURES WORK: APPLYING THE SIGNATURE</p><p>Hash Function</p><p>0011000001</p><p>Hash Your Public Key</p><p>+ =Encrypt hash </p><p>with your private key</p><p>0011000001</p><p>Encrypted Hash</p><p>Original Document</p><p>Signed Document</p></li><li><p>GlobalSign Webinar</p><p>HOW DIGITAL SIGNATURES WORK: VALIDATING THE SIGNATURE</p><p>Hash Function</p><p>0011000001</p><p>Hash</p><p>Decrypt hash using signers </p><p>public key</p><p>0011000001</p><p>Encrypted Hash</p><p>Original Document</p><p>0011000001</p><p>Hash</p><p>Do the hashes match?</p></li><li><p>GlobalSign Webinar</p><p>EXAMPLE DIGITAL SIGNATURE</p></li><li><p>GlobalSign Webinar</p><p>ARE WE GETTING WHAT WE NEED FROM DIGITAL SIGNATURES?</p><p>Integrity hash check</p><p>Authenticity public key</p><p>Non-repudiation asymmetric encryption</p></li><li><p>GlobalSign Webinar</p><p>LONG TERM VALIDATIONCERTIFICATES EXPIRE</p><p>Expiration date</p><p>2013 2014 2015</p></li><li><p>GlobalSign Webinar</p><p>LONG TERM VALIDATIONREVOKED CERTIFICATES</p><p>Revocation date</p><p>2013 2014 2015</p></li><li><p>GlobalSign Webinar</p><p>SURVIVING REVOCATION AND EXPIRATION</p><p>2013 2014 2015</p><p>Expiration dateRevocation date</p></li><li><p>GlobalSign Webinar</p><p>/// SOLUTION ARCHITECTURES</p></li><li><p>GlobalSign Webinar</p><p>CLIENT-SIDE USE CASES</p><p>Credential stored on USB token</p><p>Use with desktop applications Acrobat, BlueBeam, in-house</p><p>Usually individual signing credentials</p><p>Engineering plans, approval signatures, biopharma industry</p><p>///</p><p>///</p><p>///</p><p>///</p></li><li><p>GlobalSign Webinar</p><p>SERVER-SIDE USE CASES</p><p>Credential stored on HSM owned or hosted</p><p>Use with automated document generation software </p><p>Usually department or organization signing credentials</p><p>Invoices, contracts, certifying signatures, HR documentation</p><p>///</p><p>///</p><p>///</p><p>///</p></li><li><p>GlobalSign Webinar</p><p>/// Zetes eaZySignA Case Study</p></li><li><p>GlobalSign Webinar</p><p>Attendee Poll</p><p>Question # 1: </p><p>Is your organization planning on implementing digital signatures?</p><p> Yes </p><p> No </p><p> Not sure</p><p>Question # 2: Are you considering building in-house or using a third-party solution?</p><p> In-house Third-party Not sure Not planning</p><p>Question # 3: Whats your primary reason for implementing digital signatures?</p><p> Decrease cost Improve customer</p><p>experience Speed up document</p><p>turnaround</p></li><li><p>GlobalSign Webinar</p><p>/// Reduced time to revenue</p><p>80% reduction in turnaround times.</p><p>Removes physical bottlenecks.</p><p>/// Real ROI</p><p>$20 average savings per document</p><p>Exponential increases when integrated beyond single use case.</p><p>/// Improved user experience</p><p>5X increase in customer loyalty.</p><p>Become easier to do business with.</p><p>THE CASE FOR E-SIGNATURES</p></li><li><p>GlobalSign Webinar</p><p>eaZySign SOLUTION SUMMARY</p><p>/// Software-as-a-Service: no complex hardware or software management</p><p>/// Regulates the signing process between business and consumer, as a trusted third party</p><p>/// Guarantees the legal correctness of the signature and the durability of the document content</p><p>/// Operates on web portals, desktops and mobile platforms</p><p>/// The signatures rely on Belgian electronic identity cards (e-ID) or GlobalSignPKI-based credentials</p><p>/// Complies with PDF Advanced Electronic Signatures (PAdES) standards, as established by the European Telecommunications Standards Institute (ETSI).</p></li><li><p>GlobalSign Webinar</p><p>KEY COMPONENTS</p></li><li><p>GlobalSign Webinar</p><p>/// iText is a development library for embedding automated or high-volume PDF generation into other applications</p><p>PDF Generation </p></li><li><p>GlobalSign Webinar24</p><p>PDF Capabilities </p></li><li><p>GlobalSign Webinar</p><p>WorkflowEnable e-signing, approval workflows, workflow logic, storage and archival connectivity.</p><p>Digital Rights ManagementLock/unlock content and features, track shares, set and reset permissions remotely.</p><p>Sophisticated CollaborationEnable markup and review, commenting and messaging, versioning. (no installed software)</p><p>Old and New World FidelityLooks the same on any device; requires web browser only. (no PDF reader)</p><p>Ecosystem IntegrationConnect intelligently to all the places you author and store content.</p><p>Track EverythingTrack views, shares, signatures, comments, versions, messages and everything else in one place.</p><p>PDF in the Cloud</p></li><li><p>GlobalSign Webinar</p><p>/// ISO-32000: </p><p> At minimum the PKCS#7 object shall include the signers X.509 signing certificate. This certificate shall be used to verify the signature value in /Contents.</p><p>/// Best practices (should also have):</p><p> Full certificate chain</p><p> Revocation information </p><p> Timestamp</p><p>%PDF-1.x</p><p>...</p><p>/ByteRange ...</p><p>/Contents...</p><p>%%EOF</p><p>DIGITAL SIGNATURE</p><p> Signed Message Digest Certificate chain Revocation information Timestamp</p><p>What is Inside the Signature</p></li><li><p>GlobalSign Webinar</p><p>/// A PDF document can be signed more than once, but parallel signatures arent supported, only serial signatures: additional signatures sign all previous signatures.</p><p>%PDF-1.x</p><p>% Original document</p><p>% Additional content </p><p>1</p><p>...</p><p>...</p><p>%%EOF</p><p>DIGITAL SIGNATURE 1</p><p>...</p><p>%%EOF</p><p>DIGITAL SIGNATURE 2</p><p>% Additional content </p><p>2</p><p>...</p><p>...</p><p>%%EOF</p><p>DIGITAL SIGNATURE 3</p><p>Rev1</p><p>Rev2</p><p>Rev3</p><p>Serial Signatures</p></li><li><p>GlobalSign Webinar</p><p>/// Certification (aka author) signature</p><p>/// Approval (aka recipient) signature</p><p>PDF Signature Types</p></li><li><p>GlobalSign Webinar</p><p>/// Signers identity is unknown</p><p>/// Document has been altered or corrupted</p><p>Other Possible Icons</p></li><li><p>GlobalSign Webinar</p><p>Serial Signing Example</p></li><li><p>GlobalSign Webinar</p><p>Serial Signing Example</p></li><li><p>GlobalSign Webinar</p><p>DELIVER VALUE FASTER</p><p>/// Customers now want eSignatures</p><p>/// Customer Experience benefits are an emerging driver for adoption</p><p>/// eSignature solutions also manage process workflows, line of business connectivity and governance</p><p>/// Mobile devices further accelerate signature request turnaround times</p></li><li><p>GlobalSign Webinar</p><p>CONTACT US</p><p>www.globalsign.com</p><p>@globalsign</p><p>GMO GlobalSign</p><p>www.itextpdf.com</p><p>@itext</p><p>iText Software</p></li></ul>