Transcript

Digital Signatures for the Cloud: A B2C Case Study

GlobalSign Webinar

MEET THEPRESENTERS

VERAIORDANOVA

MARKETING DIRECTOR

ITEXT

EVAN WAJDA

SALES ENGINEER

GLOBALSIGN

PROJECT MANAGER

ZETES

GEERTPEETERS

GlobalSign Webinar

WHATYOU WILLLEARNTODAY

1

2 Solution Architectures

3B2C Case Study: Zetes eaZySign

Platform

Digital Signatures Overview

4 Why PDF for Digital Signatures

GlobalSign Webinar

Type your questions and comments. We’ll answer them all at the end of the webinar.

STAYENGAGED

Follow us on Twitter @globalsign@itext

GlobalSign Webinar

/// DIGITAL SIGNATURES OVERVIEW

GlobalSign Webinar

WHAT ARE DIGITAL SIGNATURES?

DIGITAL CERTIFICATE DOCUMENT

+ =

DIGITALLY SIGNED DOCUMENT

GlobalSign Webinar

WHAT DO WE NEED FROM DIGITAL SIGNATURES?

Integrity

Authenticity

Non-repudiation

GlobalSign Webinar

HOW DIGITAL SIGNATURES WORK: APPLYING THE SIGNATURE

Hash Function

0011000001

Hash Your Public Key

+ =Encrypt hash

with your private key

0011000001

Encrypted Hash

Original Document

Signed Document

GlobalSign Webinar

HOW DIGITAL SIGNATURES WORK: VALIDATING THE SIGNATURE

Hash Function

0011000001

Hash

Decrypt hash using signer’s

public key

0011000001

Encrypted Hash

Original Document

0011000001

Hash

Do the hashes match?

GlobalSign Webinar

EXAMPLE DIGITAL SIGNATURE

GlobalSign Webinar

ARE WE GETTING WHAT WE NEED FROM DIGITAL SIGNATURES?

Integrity – hash check

Authenticity – public key

Non-repudiation – asymmetric encryption

GlobalSign Webinar

LONG TERM VALIDATIONCERTIFICATES EXPIRE

Expiration date

2013 2014 2015

GlobalSign Webinar

LONG TERM VALIDATIONREVOKED CERTIFICATES

Revocation date

2013 2014 2015

GlobalSign Webinar

SURVIVING REVOCATION AND EXPIRATION

2013 2014 2015

Expiration dateRevocation date

GlobalSign Webinar

/// SOLUTION ARCHITECTURES

GlobalSign Webinar

CLIENT-SIDE USE CASES

Credential stored on USB token

Use with desktop applications – Acrobat, BlueBeam, in-house

Usually individual signing credentials

Engineering plans, approval signatures, biopharma industry

///

///

///

///

GlobalSign Webinar

SERVER-SIDE USE CASES

Credential stored on HSM – owned or hosted

Use with automated document generation software

Usually department or organization signing credentials

Invoices, contracts, certifying signatures, HR documentation

///

///

///

///

GlobalSign Webinar

/// Zetes eaZySignA Case Study

GlobalSign Webinar

Attendee Poll

Question # 1:

Is your organization planning on implementing digital signatures?

Yes

No

Not sure

Question # 2: Are you considering building in-house or using a third-party solution?

In-house Third-party Not sure Not planning

Question # 3: What’s your primary reason for implementing digital signatures?

Decrease cost Improve customer

experience Speed up document

turnaround

GlobalSign Webinar

/// Reduced time to revenue

80% reduction in turnaround times.

Removes physical bottlenecks.

/// Real ROI

$20 average savings per document

Exponential increases when integrated beyond single use case.

/// Improved user experience

5X increase in customer loyalty.

Become easier to do business with.

THE CASE FOR E-SIGNATURES

GlobalSign Webinar

eaZySign SOLUTION SUMMARY

/// Software-as-a-Service: no complex hardware or software management

/// Regulates the signing process between business and consumer, as a trusted third party

/// Guarantees the legal correctness of the signature and the durability of the document content

/// Operates on web portals, desktops and mobile platforms

/// The signatures rely on Belgian electronic identity cards (e-ID) or GlobalSignPKI-based credentials

/// Complies with PDF Advanced Electronic Signatures (PAdES) standards, as established by the European Telecommunications Standards Institute (ETSI).

GlobalSign Webinar

KEY COMPONENTS

GlobalSign Webinar

/// iText is a development library for embedding automated or high-volume PDF generation into other applications

PDF Generation

GlobalSign Webinar24

PDF Capabilities

GlobalSign Webinar

WorkflowEnable e-signing, approval workflows, workflow logic, storage and archival connectivity.

Digital Rights ManagementLock/unlock content and features, track shares, set and reset permissions remotely.

Sophisticated CollaborationEnable markup and review, commenting and messaging, versioning. (no installed software)

Old and New World FidelityLooks the same on any device; requires web browser only. (no PDF reader)

Ecosystem IntegrationConnect intelligently to all the places you author and store content.

Track EverythingTrack views, shares, signatures, comments, versions, messages and everything else in one place.

PDF in the Cloud

GlobalSign Webinar

/// ISO-32000:

• At minimum the PKCS#7 object shall include the signer’s X.509 signing certificate. This certificate shall be used to verify the signature value in /Contents.

/// Best practices (“should” also have):

• Full certificate chain

• Revocation information

• Timestamp

%PDF-1.x

...

/ByteRange ...

/Contents<

>...

%%EOF

DIGITAL SIGNATURE

• Signed Message Digest

• Certificate chain

• Revocation information

• Timestamp

What is Inside the Signature

GlobalSign Webinar

/// A PDF document can be signed more than once, but parallel signatures aren’t supported, only serial signatures: additional signatures sign all previous signatures.

%PDF-1.x

% Original document

% Additional content

1

...

...

%%EOF

DIGITAL SIGNATURE 1

...

%%EOF

DIGITAL SIGNATURE 2

% Additional content

2

...

...

%%EOF

DIGITAL SIGNATURE 3

Rev1

Rev2

Rev3

Serial Signatures

GlobalSign Webinar

/// Certification (aka author) signature

/// Approval (aka recipient) signature

PDF Signature Types

GlobalSign Webinar

/// Signer’s identity is unknown

/// Document has been altered or corrupted

Other Possible Icons

GlobalSign Webinar

Serial Signing Example

GlobalSign Webinar

Serial Signing Example

GlobalSign Webinar

DELIVER VALUE FASTER

/// Customers now want eSignatures

/// Customer Experience benefits are an emerging driver for adoption

/// eSignature solutions also manage process workflows, line of business connectivity and governance

/// Mobile devices further accelerate signature request turnaround times

GlobalSign Webinar

CONTACT US

www.globalsign.com

@globalsign

GMO GlobalSign

www.itextpdf.com

@itext

iText Software


Top Related