Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introducing CounterSign

PublishAllan May Modified over 6 years ago

Similar presentations

Presentation on theme: "Introducing CounterSign"— Presentation transcript:

1 Introducing CounterSign
Nathan McMinn Technical Consultant - Alfresco

2 What are Digital Signatures?
“A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document”

3 3 Criteria for Digital Signatures
Authenticity: Guarantees that a signer is who they say that they are Conveys intent, that the document was intentionally signed for the stated reason

4 3 Criteria for Digital Signatures
Non-repudiation: Ensures that a signer cannot make a claim that their key is secure while simultaneously claiming that they did not sign a document Requires hard to forge signing artifacts

5 3 Criteria for Digital Signatures
Integrity: Verification that a document or message has not been altered since it was signed

6 How do Digital Signatures Work?
Create a hash of the document Sign the hash with a private key (Optionally) embed the signed hash in the document Digital signatures rely on asymmetric encryption to allow signing and verification

7 PDF vs. Everything Else PDF documents have separate areas for storing content and signatures. This enables a PDF document to have multiple embedded signatures that do not alter the content, and thus, the hash of the content remains consistent across signings. CounterSign supports this via iText

8 PDF vs. Everything Else, part 2
Any type of document can be signed, but the signature is (generally) a separate artifact With a combination of the document, the signature and the public key of the purported signer, the signature can be verified CounterSign supports this too, including creating signatures, attaching them to the doc, managing the artifacts and verifying the signature.

9 Project Origin and Direction
Origin: The Alfresco PDF Toolkit PDF Toolkit has a digital signature function but it is best suited for automated system signatures set by content rules Not very user friendly for end-users that wish to apply signatures! CounterSign started as a branch in the PDF toolkit, until it became apparent that the scope would be beyond just PDF docs Fork time!

10 The Old Way The Alfresco PDF toolkit can apply signatures, but the interface is not very user friendly! Origin: The Alfresco PDF Toolkit PDF Toolkit has a digital signature function but it is best suited for automated system signatures set by content rules Not very user friendly for end-users that wish to apply signatures! CounterSign started as a branch in the PDF toolkit, until it became apparent that the scope would be beyond just PDF docs Fork time!

11 CounterSign Design Goals
Simple for non-technical users Self-service (where possible) Simple to administer Self Contained - External PKI integration possible, but not required Regulatory / Standards compliance Self service in this context means enabling a user to automatically generate their own signing artifacts within the constraints laid out by the admin Regulatory requirements are focused on US FDA CFR21 Part 11 Desired standards compliance is focused on CAdES / PAdES / XAdES once dependency issues are resolved.

12 CounterSign Design Goals, API
Java Service API – currently sparse, but growing JavaScript API Signature provider interface for external PKI integration Custom Actions for applying signatures, creating form fields and more Self service in this context means enabling a user to automatically generate their own signing artifacts within the constraints laid out by the admin Regulatory requirements are focused on US FDA CFR21 Part 11 Desired standards compliance is focused on CAdES / PAdES / XAdES once dependency issues are resolved.

13 A Word on Standards Current CounterSign release (1.0) cannot achieve CAdES / PAdES compliance for PDF documents due to a dependency in Alfresco. Working on it! BouncyCastle version shipped with Alfresco is incompatible with the versions of iText needed for CAdES / PAdES compliance.

14 Demo

15 Required Reading Bruno Lowagie’s whitepaper on PDF Signatures:

16 Project and Contact Info Nathan McMinn – Technical Consultant nathanmcminn.com CounterSign:

Download ppt "Introducing CounterSign"

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
M.Sc. Hrvoje Brzica Boris Herceg, MBA Financial Agency – FINA Ph.D. Hrvoje Stancic, assoc. prof. Faculty of Humanities and Social Sciences Long-term Preservation.

M.Sc. Hrvoje Brzica Boris Herceg, MBA Financial Agency – FINA Ph.D. Hrvoje Stancic, assoc. prof. Faculty of Humanities and Social Sciences Long-term Preservation.
Proposal for an achievable, cost effective Security Concept for EOBRs C. Hardinge / A. Lindinger.

Proposal for an achievable, cost effective Security Concept for EOBRs C. Hardinge / A. Lindinger.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···

Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
Nathan McMinn, Technical Consultant with Alfresco

Nathan McMinn, Technical Consultant with Alfresco
Risks of data manipulation and theft Gateway Average route travelled by an email sent via the Internet from A to B Washington DC A's provider Paris A.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.
1 Information Security Practice I Lab 5. 2 Cryptography and email security Cryptography is the science of using mathematics to encrypt and decrypt data.

1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
 A Web service is a method of communication between two electronic devices over World Wide Web.

 A Web service is a method of communication between two electronic devices over World Wide Web.
Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA-01993 SHA-11995 SHA-22002 – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.

Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.
MARK B. JONES PKI DEPLOYMENT FORUM MADISON, WI APRIL 16 TH, 2008 Why do I need a Digital ID?

MARK B. JONES PKI DEPLOYMENT FORUM MADISON, WI APRIL 16 TH, 2008 Why do I need a Digital ID?
Digital Signatures, Message Digest and Authentication Week-9.

Digital Signatures, Message Digest and Authentication Week-9.
DIGITAL SIGNATURE.

DIGITAL SIGNATURE.

Similar presentations

Ads by Google