Ascertia Adss Server Capabilities

Ascertia ADSS Server Capabilities February 2008

Ascertia Limited A Leader in e-Trust products and solutions Comprehensive solutions for Global Trust Focused on meeting real customer needs Working with System Integrators & Service providers Selling to resellers & end-users Mission Making digital signatures easy to use and trust Providing secure, flexible, multi-functional trust services for businesses and managed service providers A private limited company All products designed and developed in-house Strong R&D investment continues at 25+% Self-funded with tight expense controls Carefully managing business growth Wholly owned by Directors and staff

Products - 2008 CLIENT SOFTWARE Digital signatures Verification & validation, Encryption PDF Sign&Seal File Sign&Seal ARP SE (OCSP & CRL services) ARP SDK (validation toolkit) SERVER SOFTWARE Digital signature creation, Verification & validation, Encryption & other options ADSS Server - PDF Signer Server option - XML Signer Server option - File Signer Server option ADSS Secure eMail Server [Q2] ARP EE (OCSP & CRL services) Full validation + history logs CRL and OCSP Service Monitors and test tools INFRASTRUCTURE SOFTWARE - TrustFinderOCSP OCSP Server - TrustFinderCA Enterprise credentials - TrustFinderTSA TimeStamp Server - TrustFinderSCVP XKMS Server [Q2] - TrustFinderXKMS SCVP Server [Q3] PKI Protocols DATA

Business Workflow Example Verify Timestamp ERP CRM ECM Create Sign Review Approve Verify Countersign Review/ Release Verify Countersign Audit Verify

Business Workflow Example Create Sign Countersign Verify Timestamp Review Approve Review/ Release Audit Users identified using strong authentication techniques with an option to confirm and authorise signature and counter-signature If using signed PDFs then Adobe ® Reader also verifies at the desktop

DESKTOP SOFTWARE Desktop Applications: PDF Sign&Seal File Sign& Seal ARP OCSP Client Browser based (Server controlled): - PDF Signing - File Signing - XML Signing - Signing & uploading files SERVER SOFTWARE ADSS Server - PDF signing, encryption & verification - XML signing and verification - File signing and verification - Timestamp Authority services - OCSP Validation Authority services ARP OCSP Client (for servers) Multiple document formats Multiple signature formats Notary archive services Implementation Options DATA

ADSS Server – Business Usage Can be used to deliver trust for internal or external e-business workflows Central or local Government Financial, Telco, Pharma, Petrochemical, etc Health services, multi-agency services, etc Satisfies business needs for Traceability, audit, compliance Identity assurance, integrity Document and data authentication Certainty in dealing with final, approved documents Immediate, medium term and long-term trust Optional digital notary services

ADSS Server Product Architecture Application Web Services Application Java API Email Gateway Watched Folder OCSP Clients SCVP clients XKMS clients using HTTP HTTP/S XML/SOAP Synchronous Asynchronous    = Q1 2008

ADSS Server Powered Products PDF Signer Server Signing & Verification XML Signer Server Signing & Verification File Signer Server Signing & Verification also Forms TrustFinderOCSP v5 RFC 2560 Validation Authority TrustFinderTSA v5 RFC 3161 Timestamp Authority In R&D TrustFinderCA (Full features) TrustFinderSCVP TrustFinderXKMS Note: You only need license and use what is needed today

ADSS Server Product Differentiators Business applications need comprehensive services not just simple protocols ADSS Server is a comprehensive multi-functional server ADSS Server offers a single service point For signing, for verification, for validation & timestamping For application authorisation & transaction management ADSS saves time everywhere - for everyone Solution Architect learning time Solution delivery / build time Operations Management training time Security Audit training time All modules have a consistent look & feel Solution build & enhancement is easier ADSS Server does it all from just one box! OCSP Server (XKMS/SCVP) TSA CA / RA Server-side Signing & Verification

Why use ADSS Server? Maximises options and enables easy usage Multiple integration approaches, optional HSMs Handles multiple document formats Handles multiple signature locations and formats Corporate signatures, end-user signatures Minimises internal effort to apply trust High level services – even using just one line of code ! Manages all keys and certificates Built-in management, logging, audit, reporting A world-class product for today and tomorrow! All the business options in one product Services multiple concurrent applications High availability and scalability Easy to use, managed, controlled security

Ascertia ADSS Server Trust Services Note: You only need license and use what is needed today PDF Documents - Basic signature (visible / invisible) - Certify - Sign & timestamp - Long-term signatures XML Documents - XML DSig (XAdES ES) - Timestamps (XAdES ES-T) - Long-term signatures (XAdES X-Long) PKCS#7 / CMS / SMIME - Basic signature (CAdES ES) - Timestamps (CAdES ES-T) - Long-term signatures (CAdES X-Long) Historic Verification OCSP Validation (immediate verify & long term sign) Time Stamp Authority (TSA) Server Sign Verify                     -    [email_address]  

Use case 1 Adding Trust to Outbound Documents For any internal, published or outgoing data Signed Invoices, Signed Receipts, Orders & Order Confirmations Regulatory Reporting, Policies and Procedures Internal Users Third parties SIGN + timestamp Business Applications ADSS Server Internal ERP, ECM, CRM Systems Notary archive option

Use case 2 Adding Trust to Inbound Documents For received documents or data eProcurement submissions, Financial Reports Regulations, Orders, Receipts, Statements Internal Systems Notary archive option VERIFY and/or SIGN & TIMESTAMP Business Applications ADSS Server Signed data from known systems Unsigned data from untrusted systems

Use case 3 Server-controlled client-side signing eProcurement, eTendering, eBPM actions Purchasing, Business Agreements Accepting, Approving, Confirming Workflow / Confirmation SIGN & VERIFY Display Document Ask to Sign Signature Action End-user & Corporate Signatures Applied End-user signature verified & validated User keys GoSign Applet G Business Applications ADSS Server Display signed document

Use Case 4 Server-side multi-user signing eBPM actions, Purchasing, Business Agreements Accepting, Approving, Confirming Workflow / Confirmation PDF SIGN Display Document Ask to Sign Confirm wish to Sign Display signed document Action End-user & Corporate Signatures Applied User keys Business Applications ADSS Server Option to timestamp, long-term sign

Use case 5 Signed upload of client documents or files eBanking, eProcurement, eTendering Trade finance systems, etc VERIFY & TIMESTAMP Application Dialogue Ask to Upload Signed file uploaded Optional signed receipt is recommended! Workflow Action End-user signature verified & validated Optional timestamp applied to confirm time User keys GoSign Applet (local file signing option specified) G Business Applications ADSS Server

Use Case 6 Document Management Workflow eProcurement, eTendering, Project work E-Portal Documents and Workflow Management VERIFY & TIMESTAMP End-user and corporate signatures applied End-user signature verified & validated Multiple Users, Different Organisations SIGN G G Business Applications ADSS Server

Use case 7 Adding Trust to Emails and attachments Using Ascertia ADSS Secure eMail Server [Q2 2008] Sign or verify emails that are sent or received Sign or verify email attachments Archive/ recovery emails Intelligent handling of encryption / decryption Internal Users Third parties SIGN + timestamp Secure eMail Server ADSS Server Internal ERP, ECM, CRM Systems Notary archive option

ADSS Server Scalability / Resilience CA 1 CA 2 CA n CRLs CRLs CRLs OCSP OCSP OCSP Hardware Load Balancer ADSS Server Database replication E.g. Big-IP Cisco HSM 1 ADSS Server HSM 2 SQL Server or Oracle or PostgreSQL Signature / Verification / Validation requests (HTTP/HTTPS) Option for 1 or more CAs supported Optional HSMs

ADSS Server – Authority Services ADSS Certificate Authority Internal key generation and certification or interaction with an external CA ADSS Validation Authority Current validation using CRL checks Current validation using OCSP calls Historic validation using retained old CRLs DNV VAS protocol SCVP and XKMS options in Q1 2008 ADSS Time Stamp Authority Provides RFC3161 Timestamp Authority services Provide good commercial management services

Solution Summary Trust is essential for e-business Enhances credibility Prevents changes to data Meets legislative requirements Enables legal acceptance Enhances dispute resolutions Prevents draft or unapproved data being used Substantially reduces print and delivery costs Reduces business risk and costs Offers a competitive advantage Ascertia is a trust products leader Ascertia has excellent references Sign-off & approval Clear ownership Assure traceability Legal weight signatures Strengthen audit & compliance Reduce identity fraud Strengthen internal policies Prevent document changes Reduce paper & postage costs And reduce your carbon footprint Provide undeniable evidence Protect archived data

Ascertia Summary Ascertia leads the world with its trust solutions The right vision & capability to secure the future The right company to do business with The right architecture for the future The right products for today’s market The right attitude and commitment to our customers and partner

Questions: Rod Crook +44 1256 895416 [email_address]

Ascertia Adss Server Capabilities

More Related Content

Similar to Ascertia Adss Server Capabilities (20)

Recently uploaded (20)

Ascertia Adss Server Capabilities

Editor's Notes