How can you create electronic signatures, verify them, and guarantee document integrity?
In environments that require a high level of trust, such as government, finance or healthcare sectors, advanced or qualified electronic signatures are highly advised.
In a context where organizations are moving to paperless transactions, it is necessary to electronically sign documents,guarantee their integrity and produce proof of acceptance by the signer. The signature must be strictly verified in order to detect any possible cause for invalidity. Atos, a European leader in IS security, provides IDnomic Sign, a complete solution for creating and verifying electronic signatures.
Follow or contact us:
The eIDAS regulation allows the European Union to provide a legal framework for transnational digital transactions. Its goal is to enhance trust in electronic exchanges by establishing a framework for electronic identification and trust services, including electronic signatures. Thus, the eIDAS regulation enhances the transparency and reliability of transactions.
Discover how Atos solutions can help you become compliant with eIDAS.
Use case: Digital signatures for healthcare organizations
How can you improve the paperwork productivity in your hospital?
Healthcare organizations can struggle with administrative costs, often due to a reliance on paper-based processes. In their journey to reduce paper, hospitals can adopt digital signatures or expand them to more departments in order to:
- Ensure the integrity of signed documents and verify the identity of the signer (patient, doctor or administrator) to ensure they are only working with trusted actors
- Benefit from timestamping to be able to verify signatures in a long-term perspective >>
- Simplify archiving, save money on printing and scanning, and reduce the time spent on paper processing
Enhance paperwork process efficiency and reliability with digital signatures.
Norms and standards
► Certificate format compliance with ITU-T X.509v3, RFC 5280 and RFC 3739
► XAdES: XML Advanced Electronic Signature ETSI TS 101 903
► CAdES: CMS Advanced Electronic Signature ETSI TS 101 733
► PAdES: PDF Advanced Electronic Signature ETSI TS 102 778 including LTV format (part 4) and visual of signature (part6)
► XML signature policy ETSI TR 102 038
► RFC 3161: Time Stamp Protocol
► Authentification Open ID Connect for the API REST
► PKCS#11 for interfacing with a Hardware Security Module (HSM)
► Local credentials
► Compliant with European directive 1999/93/CE
► Compliant with eIDAS regulation
► IDnomic Sign work with Java 8 runtime
► The IDnomic Sign iplementation of norms and standards is validated through frequent participation in ETSI interoperability plugtests
► Server solutions IDnomic Sign is running on Linux platforms (Red Hat or SUSE). These solutions are fully integrated and delivered with open source international components Apache, PostgreSQL, Tomcat, Keycloak(IDP) and Ansible (install script).
Electronic signatures guarantee the integrity of documents and identify the signers. Once a signer has produced a signature and the signature has been verified, the signature is secure and may no longer be repudiated.
Each signer (e.g. a user or an application) uses a signature key pair (a public key and a private key) and a public key certificate generated by a Certification Authority. IDnomic Sign can use signature certificates generated by the IDnomic PKI solution or other PKI products.
The server can be used to sign in the name of an entity (seal signature) or to sign in the name of a physical person with a secured management of the signer’s bi-keys.
The signers can use signature certificates stored in a smart card they hold, or certificates centrally located at the IDnomic Sign server.
IDnomic Sign creates and verifies electronic signatures using the following formats: CMS, CAdES, XAdES or PAdES, and in conformance with declared signature policies. IDnomic Sign supports time-stamping tokens generated by Atos Metatime or by other time-stamping solutions.
IDnomic Sign supports the following functions:
- Signature creation: creation with the requested format using the signature policy and the configured cryptographic token; multiple signatures and co-signatures are supported
- Immediate verification (and augmentation): cryptographic signature verification following its creation and adding the necessary information to maintain its long-term validity with report generation
- Subsequent verification: verification by relying parties and generation of a report
As organizations move to paperless transactions, it is necessary to electronically sign documents to guarantee their integrity and produce proof of acceptance by the signer. The signature must be verified strictly so as to detect any possible cause for invalidity.
In environments that require high levels of trust, advanced electronic signatures are highly advised. But where to begin?
This infographic shows how to manage your project, from the identification of your security needs to the implementation and launch itself.
Pierre-Jean Aubourg, Director of Professional Services in the Atos IoT Security department, demonstrates how digital signatures improve the user experience while enhancing security, and shares best practices for implementing a digital signature solution.