Digital signatures provide an efficient way to cut costs and manage risks compared to traditional handwritten signatures. They authenticate the sender, maintain data integrity, and prevent repudiation. A digital signature solution can sign and verify documents and emails in various formats like PDF, XML, and files. It integrates easily with business applications and provides features like signing workflows, auto file processing, and secure email signing. Digital signatures comply with regulations and provide security, audit trails, and non-repudiation for online commercial transactions.

1. Digital Signature: Efficient,
Cut Cost and Manage Risk
Formula for Strong Digital Security

2. Signature
A person’s name written in a distinctive way, pattern
or characteristic as a form of identification by which
someone or something can be identified
RafidahAriffin

3. Sumerians, inventor of writing also invented
the first authentication mechanism, intricate
seals
History of Signature

4. This practice remain unchanged for over
1,400 years. Today it is still used and
applied in much the same way – by
scribbling one’s own name.
Affixing handwritten signatures practice
began within the Roman Empire in the
year AD 439, during the rule of Valentinian
III
History of Signature

5. Why fix something
that isn’t broken?

6. Security Objectives of A Signature
Authentication
Data Integrity
Non-repudiation

7. Easily forged
Does not maintain data integrity
Can be repudiated
However, Handwritten
Signatures…

8. Digital Signature
Also known as “Electronic
Signature” or “Digital Signature
Scheme” or “electronic seal”
Binary or digital code attach to an electronic transmit
message or document to authenticates and executes a
document and identifies the signatory.

9. Digital Signature Act
1997

10. “Security and commitment are key issues for commercial online
transactions, as the Internet is an open network prone to problems such
as identity, legal commitment, third party interference and manipulation
of information.”
- Malaysian Communication and Multimedia Commission (MCMC)
Introduces and implements the usage of Digital
Certificate for Internet based commercial
transactions.
In effect since 1st Oct 1998

11. Types of Digital
Signature

12. Certificate Authority (CA)
Revoke
Signed
on 2008
Basic Signature
Trust Status

13. Long-term Signature vs Basic Signature
Long-term signature
Basic signature
Certificate Status Info Timestamp
101100110101…
Hash encrypted with signer
private key
101100110101…
Hash encrypted with signer
private key

14. Why long-term signature is
important?
E.g. Bank Negara require records to be kept for 7 years.
In the period of 7 years, long-term signature will definitely preserve
the validity of signer.

15. How Does Digital
Signature Benefits
Your Business

16. Advanced Digital Signature Solution
(ADSS)
• Protecting information output
– signing and timestamping, notarising and archiving services for e-
invoicing, statements, acceptances, reports etc
• Protecting inbound information
– notarising/timestamping and archiving services for any received information for
larger organisations
• Protecting internal document workflows
– signing/approving documents or data to confirm a chain of approval (Server or Client
held documents)
• Confirming external transactions
– Using intelligent web-forms that results in both end-user signing and
corporate counter signing
– Allowing client documents and files to be signed + uploaded

17. ADSS - Services
Comprehensive e-business trust services
• Digital Signature creation - Server-side & client
side
• Digital Signature Verification Service
• Certificate Validation - OCSP client and OCSP
Server
• Timestamp - TSA Server
• Web-services Certificate Authority Services

18. Comprehensive integration options
• Web-services and HTTP, HTTPS services
• Auto File Processor (Watched Folder Mode)
• Secure Email Server
• Integration with business application that
requires workflow
ADSS – Integration Option

19. ADSS – Supported
Documents & Signature
PDF Documents
- Basic signature (visible / invisible)
- Certify signature
- Sign & timestamp & Long-term signatures
XML Documents
- XML DSig (XAdES ES)
- Timestamps (XAdES ES-T)
- Long-term signatures (XAdES X-Long)
- Explicit Policy and Archive (-EPES, ES–A)
PKCS#7 / CMS / SMIME
- Basic signature (CAdES ES)
- Timestamps (CAdES ES-T)
- Long-term signatures (CAdES X-Long)
- Explicit Policy and Archive (-EPES, ES–A)
Historic Verification
OCSP Validation (immediate verify & long term sign)
Time Stamp Authority (TSA) Server
Sign Verify
 
 
 
 
 
 
 
 
 
- 
 
info@ascertia.com
 
 
 

20. ADSS – Signing Services

21. ADSS Client-side signing
Firewall
User
Business
application
ADSS Infrastructure
Servers
Firewall
Signing locally using local keys
External CAs
for OCSP and
CRL data
Go>Sign Professional
includes PDF viewing
and signing
functionality
It also enables DLP by
controlling local
saving, local printing
and screen copy.
Signature Verification
using trusted CA details

22. ADSS Client-side signing
• Documents can be signed anytime, anywhere
• A move from expensive paper based process to electronic
document
• DLP features included
• Signed using locally held private key from a Trustable third
party
• Protected under Digital Signature Act 1997
EFFICIENT
CUT COST
MANAGE RISK

23. ADSS Workflow Signing /
Verification
Sign
Verify
Timestamp
Review/
Approve
Countersign
Audit
Verify
Web Application
Review/
Upload
Review/
Approve
1 2 3 4

24. ADSS Workflow Signing /
Verification
• Document can be signed immediately by multiple person who might not
reside in the same office
• Can be integrated with any business application – document
management system
• A move from expensive paper based process to electronic document
• A single solution which offers multiple functions – signing, time
stamping & verification
EFFICIENT
CUT COST
MANAGE RISK
• Signed using private keys from a trustable third party
• Document’s integrity guaranteed with time stamping
• Protected under Digital Signature Act 1997
• Documents hashed using SHA-1 or SHA-2 with long key lengths

25. Auto File Processor (AFP) – File Signing &
Verifying
Auto File Processor
ADSS Server
Auto File Processor is a separate
Client Application that can:
• Watch multiple input folders
• Process documents intelligently
• Use one or multiple load-balanced
ADSS Servers to sign documents
• Manages each Signing Profile
• Manages all signing keys
• Performs signature generation
• Logs all transactions
• Provides detailed reports
One ADSS Server can be used or
for high availability two load balanced
ADSS Servers can be used
Final documents
(to be signed) Signed documents
Output FoldersInput Folders

26. Auto File Processor (AFP) – File
Signing & Verifying
• Multiple documents can be signed with a click of a mouse
• Signed documents are placed in a separate folders
• A move from expensive paper based process to electronic document
• Add new features to existing business application
EFFICIENT
CUT COST
MANAGE RISK
• Signed using private keys from a trustable third party
• Document’s integrity guaranteed with time stamping
• Protected under Digital Signature Act 1997
• All requests are securely logged

27. Internet
1) ERP system
sends email
ERP
System
Recipient
Secure Email
Server
ADSS
Server
2) Request
signature
3) Signature
4) Forward
email
5) Recipient
receives
signed email
Sign emails that are sent or received
Sign email attachments
Secure Email Server - signing email &
attachments

28. • Emails & attachments can be signed and verified automatically
• Preserves integrity
• Filter selection policies to be configured that define the type of emails
to verify
• A move from expensive paper based process to electronic document
• Add new features to existing business application
EFFICIENT
CUT COST
MANAGE RISK
• Sender & receiver clearly identified
• Signed using private keys from a trustable third party
• Protected under Digital Signature Act 1997
• All requests are securely logged
Secure Email Server - signing email &
attachments

29. • Provides multiple services
– Reducing the number of individual products required
• Provides a range of interfacing options
– Easy integration with existing business workflows
• Handles a number of document formats
– Supporting business needs for PDF, XML and Files
• Provides a range of signature formats
– Comprehensive signing and verification services
• Provides a single point of management & audit
– Comprehensive event and transactional logging
– Secure web-based management with role-based access controls
– Simplifies operational activities, reduces management and training costs, reduces
implementation & system costs
Advanced Digital Signature Solution
(ADSS)

30. ADSS - References
FINANCIAL INSTITUTION
• Deutsche Bundesbank and Banca d’Italia – To verify XML signatures
using long term and archive signature for security & legal strentgh
• LeasePlan, Belgium selected ADSS PDF Server to sign invoices and other
documents. Several thousand documents are signed each month using
long-term PDF PAdES signatures.
GOVERNMENT
• The British Library, UK - Long-term evidencing for the BL online digital
media archive.
• The National Communications Authority (ANACOM), Portugal - Uses
digital signatures for traceability, accountability and integrity to its
business document workflows.

31. Thank you.