TDL Meeting 7-8 April 2014 //Vienna Sprint Proposal The key of a legal on line signature The key of a legal on line signature: The inseparable link between e-Authentication, e-Signature and e-Validation
Description of innovation Certiway’s Ecosystem Introduction of assurance levels in real time transactions Real-time contractualisation of each bilateral relationship and provision of legal claim CERTIWAY Validation platform, CERTIWAY, to guarantee end-to-end trust: revocation list management, data domiciliation & data consolidation, accountability between all service providers, recovery, resilience (ISO and 27035), interoperability
Description of innovation Certiway’s Ecosystem Description of a use case of new trust services and e-ID regulation (eIDAS) for cross border digital signature, applicable for handling real time processing of mass transactions. Use Case including: -a strong e-Authentication TDL Microsoft -a qualified electronic signature creation device TrustSeed -a validation of qualified electronic signatures CertiWay - Legal evidence and privacy’s protection CertiWay
The urgent needs of Businesses and Users New control technologies for digital identities – e-authentication – Establishing trust frameworks and increasing the interoperability of trust services – New design principles for easy and cheap deployment of complex architectures, e.g. architecture serving complex identity infrastructures New solutions digital signature, easy, cheap and legal – Easy to use, easy to deploy – Insurance levels for guarantees
The urgent needs of Businesses and Users – Compliant with upcoming European Regulations : REGULATION on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) REGULATION on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) DIRECTIVE concerning measures to ensure a high common level of network and information security across the Union (NIS Directive)
Benefits The innovation linking in real time… : From a basic to a high eID security level Strong authentication Bilateral contracts e-Signature and their validation Validation (authentication, signature and delivery) Control of the document to sign : its integrity and these mandatory data Respect of the privacy Assurance levels … is the only way to be compliant with the three upcoming European Regulations. This innovation makes your business get a head start.
Benefits In the meantime, the innovation allows : “PRIVACY BY DESIGN” - an effective protection of the data of citizens and of businesses “PRIVACY BY DESIGN” - only the electronic exchanges previously agreed “ACCOUNTABILITY” & “TRACEABILITY” - Focus on your core business and entrust liability to the qualified trust service Providers “ENTRUST LIABILTY” - as a consequence: the drastic reduction of fraud and the capability to save money “STRUGGLE AGAINST CYBER CRIME” “STRUGGLE AGAINST CYBER CRIME”
Use Case: 1. Joining TDL Sign legally online the TDL membership agreement TDL Membership Prospective member applies for membership Written application send to the TDL office Board of Directors approves applications Member accepts articles of Association & Rules and Policies Application form contains: – Signature – Contact details and billing information – Adherence to Articles of Association – Adherence to rules & policies Weakness in process! 1.No control if the signature is from an authorised representative 2.No bilateral signature 3.No version management of signed AoA & Rules and Policy connected to the signature
2. By signing online in compliance to the upcoming regulations Stored in the cloud: Applicant Company Z Agreement version.X Rules & Policies version.Y Authorised to access TDL office 365 Agreements Signature of agreement by applicant Signature of agreement by TDL Board of Directors Storage of sealed legal proof documents Electronic agreements Probative value Proof of exchange Attribute for invoicing Attribute for access 365 Proof of acceptance Legal archiving (WORM) E-authentication platform E-signature platform Validation platform Validation platform TDL office 365
General flowchart of the processes
TDL countersigns agreement without membership fee PenSeal Signature and Verification Service Validation Service Provider Contract deposit Signature Proof Creation Contract Signed + Proofs deposit for archiving Proofs Transfer request Contract Signature information for TDL Board Authentication + Signature Request TDL Board TDL Entreprise Application Portal Service Invocation of Electronic Signature Prospective member MS Azure Sharepoint PIN Entry Strong Authentication Activation Strong Authentication – Phase 1 PIN Check Approved Contract Signature Notification for prospective member Contract Sign Strong Authentication – Phase 2 contract is shown to TDL Board Signature validation and hash creation Signature validation approved notification Request for reviewing contract Receipt Proof Creation Validation Request Step 3 Step 4
Use case overview Immediate Perspective In our solution, we use the Microsoft claim system completed by the TDL check of the supporting documents uploading by the Prospective Member. Tomorrow Perspective There will be different attribute providers that will be in charge to attest the authorized signees of companies.
Feedback on the sprint What have been done so far: Researched the interface between the Microsoft e-Authentication platform Researched the interface with TDL office 365 Worked out the workflow … and What needs to be done: Implementation of a use case in TDL community
Costs estimation for the Sprint Total budget for the sprint: € Requested budget: € Method of cost estimation: 3 persons x (nb man days) x (500€) Already executed: approx. 8 man days = 12k euros Conceptual design and technical feasibility check Use case description Research aspects of relying party (TDL contracting) Preliminary workflows Needed to finalize the sprint (refer to slide 18 with details) Analysis (legal functional): 10 man days Design phase : 10 man days Implementation phase : 16 man days Dissemination of results (public paper): 10 man days Costs for availability technical platform: 6.000,- Costs for travel and unforeseen: 4k€
Use Case – Implementation view TDL membership agreement signing
Use Case – Implementation view Signing the TDL membership agreement
TDL Sprint requirements Design phase : – Detailed storyboard and technical details – Review of existing components and apps – Technical specification – Prototyping API’s Validation for implementation phase Implementation phase : – TDL uses OFFICE SHAREPOINT 2013 on 365: need technical description of document formats, web application – UIA Authentication service: need technical description of service – Access to a TDL test environment: office365 and E-authentication (test bed) – WSDL and service point addresses of existing web services
Contribution to the TDL ATTPS Testbed & TDL innovation lines Trusted stack – Trust framework architecture providing e-commerce middleware to guarantee probative value of any ”interchange” transaction and payment delivery. – Trust service provides an claim to prove validity of audit (level and duration) Data life cycle management – Revolving probative value to extend the life cycle of the digital signature. (also part of regulation) – Legal archiving of signatures & documents in the cloud and proof of exchange (transparency). – Management of transaction recovery (traceability of the transaction) Service integrity – Guarantees the integrity of the documents ATTPS TESTBED – Other relyping parties and attribute providers can keep autohorized signees of companies.