Metasign for electronic signature verification and creation
Create electronic signatures and verify them with metasign to guarantee documents integrity
Atos, a European actor in IS security, provides metasign, an overall solution to create and verify electronic signatures.
In a context where organisations are moving to paperless transactions, it is necessary to electronically sign documents to guarantee their integrity and to be able to bring the proof of acceptance by the signer. The signature has to be verified strictly so as to detect any possible cause for invalidity.
Immediate verification (and augmentation)
Cryptographic signature verification following its creation and adding the necessary information to maintain its longterm validity with report generation
Signature formats
Metasign supports advanced electronic signatures conformant with the CMS, CAdES, XAdES and PAdES technicals specifications as defined by ETSI
Expertise
As a European security leader, Atos has developed an unique expertise in securing information systems, delivering consultancy, integration and expertise services in trust technologies
Conformity
► Conformance with European directive 1999/93/CE
► Conformance with French low N°2000-213 of March 13, 2000, for digital signature
► EAL3+ CC certification and French RGS standard qualification (In progess)
System requirements
► Metasign works in a Java 6, Java 7 or Java 8 runtime
► The metasign implementation of norms and standards is validated throughout the frequently participation to ETSI interoperability plugtests
► Server solutions metasign-server, metasign-adp and Vericert are running on Linux platforms (e.g. Red Hat or SUSE). These solutions are fully integrated and delivered with Open Source international components Apache, PostgreSQL, PHP and Tomcat
Norms and standards
► Certificate format compliance with ITU-T X.509v3, RFC 5280 and RFC 3739
► XAdES: XML Advanced Electronic Signature ETSI TS 101 903
► CAdES: CMS Advanced Electronic Signature ETSI TS 101 733
► PAdES: PDF Advanced Electronic Signature ETSI TS 102 778 including LTV format (part 4) and visual of signature (part6)
► XML signature policy ETSI TR 102 038
► RFC 3161: Time Stamp Protocol
► PKCS#11 and MSCAPI for interfacing with smart cards. Support of IAS cards and pinpad readers
► PKCS#11 for interfacing with a Hardware Security Module (HSM)
► PKCS#12 for the storage (in the file case) of the signature private key and the certificate
Electronic signatures guarantee the integrity of documents and identify the signers. Once a signer has produced a signature and the signature has been verified, the signature is secure and may no longer be repudiated.
Each signer (e.g. a user or an application) uses a signature key pair (a public key and a private key) and a public key certificate generated by a Certification Authority. Metasign can use signature certificates generated by the Atos’s solution metapki or other PKI products.
For users, the signature private key and the signature certificate may be stored in a smart card or in a USB token protected by a PIN, or alternatively in a file in the PKCS#12 format. Private keys and certificates are accessible either through a PKCS#11 interface or a MSCAPI interface. For applications, Hardware Security Modules (HSM) may be used for the same purpose.
Metasign creates and verifies electronic signatures using the following formats: CMS, CAdES, XAdES or PAdES, and in conformance with declared signature policies. Metasign supports time-stamping tokens generated by Atos metatime or by other time-stamping solutions.
Metasign supports the following functions:
► Signature creation: creation with the requested format using the signature policy and the configured cryptographic token; multiple signatures and co-signatures are supported
► Immediate verification (and augmentation): cryptographic signature verification following its creation and adding the necessary information to maintain its longterm validity with report generation
► Subsequent verification: verification by relying parties and generation of a report.
The eIDAS regulation allows the European Union to provide a legal framework for transnational digital transactions. It is aiming for the enhancement of electronic exchanges’ trust. It establishes a framework for electronic identification and trust services, including the topic of the electronic signature. Thus, the eIDAS regulation enhances the transparency and reliability of transactions.
Discover how we can help you being compliant with our solutions.
Learn more about itRelated resources and news
Factsheet metasign
A reliable signature creating and verifying secure transactions
In a context where organisations are moving to paperless transactions, it is necessary to electronically sign documents to guarantee their integrity and to be able to bring the proof of acceptance by the signer. The signature has to be verified strictly so as to detect any possible cause for invalidity…
News
Atos releases the Horus security suite for Intelligent Transportation Systems to secure communications in connected vehicles
Atos launches Horus security appliances to make the deployment of trust infrastructures easier
Partners program
Infineon
Atos provides products in the field of embedded device security in the context of Infineon Security Partner Network with a solution for connected cars.
Partnership cyber security products
Atos support consists of an international team of experts who will help you get optimal use out of our products in your specific environment every day.
Other Trust Management solutions
Device Security CardOS
Secure authentication and trusted identity delivering assurance and efficiency to every sector.Visit product page >
Metatime
A reliable time-stamping solution for transactions and archives generating time-stamp tokens (TSTs).Visit product page >
Metacrypt
Protecting sensible data by supporting the encryption and decryption of electronic documents.Visit product page >
Cryptographic Data Preparation Device
Managing the creation and security of EMV smart card personalization elements.Visit product page >