TDL Meeting 7-8 April 2014 //Vienna Sprint Proposal The key of a legal on line signature : The inseparable link between e-Authentication, e-Signature and e-Validation

Page 1

TDL Meeting 7-8 April 2014 // Vienna

Sprint Proposal

The key of a legal on line signature: The inseparable link between e-Authentication, e-Signature and e-Validation

Page 2

Description of innovation

Certiway’s Ecosystem

Introduction of assurance levels in real time transactions

Real-time contractualisation of each bilateral relationship and provision of legal claim

Validation platform, CERTIWAY, to guarantee end-to-end trust: revocation list management, data domiciliation & data consolidation, accountability between all service providers, recovery, resilience (ISO 27006 and 27035), interoperability

Page 3

Description of innovation

Certiway’s Ecosystem

Description of a use case of new trust services and e-ID regulation (eIDAS) for cross border digital signature, applicable for handling real time processing of mass transactions.

Use Case including:

- a strong e-Authentication TDL Microsoft

- a qualified electronic signature creation device TrustSeed

- a validation of qualified electronic signatures CertiWay

- Legal evidence and privacy’s protection CertiWay

Page 4

The urgent needs of Businesses and Users

• New control technologies for digital identities – e-authentication
  – Establishing trust frameworks and increasing the interoperability of trust services
  – New design principles for easy and cheap deployment of complex architectures, e.g. architecture serving complex identity infrastructures
• New digital signature solutions: easy, cheap and legal
  – Easy to use, easy to deploy
  – Insurance levels for guarantees

Page 5

The urgent needs of Businesses and Users

– Compliant with upcoming European Regulations:

REGULATION on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation)

REGULATION on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)

DIRECTIVE concerning measures to ensure a high common level of network and information security across the Union (NIS Directive)

Page 6

Benefits

• The innovation linking in real time…:
  – From a basic to a high eID security level
  – Strong authentication
  – Bilateral contracts e-Signature and their validation
  – Validation (authentication, signature and delivery)
  – Control of the document to sign: its integrity and its mandatory data
  – Respect of privacy
  – Assurance levels

… is the only way to be compliant with the three upcoming European Regulations.

This innovation gives your business a head start.

Page 7

Benefits

In the meantime, the innovation allows:

- an effective protection of the data of citizens and of businesses: “PRIVACY BY DESIGN”

- only the electronic exchanges previously agreed: “ACCOUNTABILITY” & “TRACEABILITY”

- focus on your core business and entrust liability to the qualified trust service providers: “ENTRUST LIABILITY”

- as a consequence: the drastic reduction of fraud and the capability to save money: “STRUGGLE AGAINST CYBER CRIME”

Page 8

Use Case: 1. Joining TDL

Sign legally online the TDL membership agreement

TDL Membership

Prospective member applies for membership

Written application sent to the TDL office

Board of Directors approves applications

Member accepts Articles of Association & Rules and Policies

Application form contains:
– Signature
– Contact details and billing information
– Adherence to Articles of Association
– Adherence to rules & policies

Weakness in process!
1. No control if the signature is from an authorised representative
2. No bilateral signature
3. No version management of signed AoA & Rules and Policy connected to the signature

Page 9

2. By signing online in compliance with the upcoming regulations

Stored in the cloud:
• Applicant Company Z
• Agreement version .X
• Rules & Policies version .Y

Authorised to access TDL office 365 Agreements

Signature of agreement by applicant

Signature of agreement by TDL Board of Directors

Storage of sealed legal proof documents

• Electronic agreements
• Probative value
• Proof of exchange
• Attribute for invoicing
• Attribute for access 365
• Proof of acceptance
• Legal archiving (WORM)

E-authentication platform

E-signature platform

Validation platform

TDL office 365

Page 10

General flowchart of the processes

Page 11

TDL countersigns agreement without membership fee

PenSeal Signature and Verification Service

Validation Service Provider

Contract deposit

Signature Proof Creation

Contract Signed + Proofs deposit for archiving Proofs Transfer request

Contract Signature information for TDL Board

Authentication + Signature Request

TDL Board

TDL Enterprise Application Portal

Service Invocation of Electronic Signature

Prospective member

MS Azure Sharepoint

PIN Entry

Strong Authentication Activation

Strong Authentication – Phase 1

PIN Check Approved

Contract Signature Notification for prospective member

Contract Sign

Strong Authentication – Phase 2

contract is shown to TDL Board

Signature validation and hash creation

Signature validation approved notification

Request for reviewing contract

Receipt Proof Creation

Validation Request

Validation Request

Step 3

Step 4

Page 12

Use case overview

• Immediate Perspective

In our solution, we use the Microsoft claim system, complemented by the TDL check of the supporting documents uploaded by the Prospective Member.

• Tomorrow Perspective

There will be different attribute providers that will be in charge of attesting the authorized signees of companies.

Page 13

Feedback on the sprint

What has been done so far:
• Researched the interface with the Microsoft e-Authentication platform
• Researched the interface with TDL office 365
• Worked out the workflow

… and what needs to be done:
• Implementation of a use case in TDL community

Page 14

Cost estimation for the Sprint

Total budget for the sprint: € 81.000
Requested budget: €25.000
Method of cost estimation: 3 persons x (nb man days) x (500€)

Already executed: approx. 8 man days = 12k euros
• Conceptual design and technical feasibility check
• Use case description
• Research aspects of relying party (TDL contracting)
• Preliminary workflows

Needed to finalize the sprint (refer to slide 18 with details)
• Analysis (legal functional): 10 man days
• Design phase: 10 man days
• Implementation phase: 16 man days
• Dissemination of results (public paper): 10 man days
• Costs for availability technical platform: 6.000,-
• Costs for travel and unforeseen: 4k€

Page 15

Use Case – Implementation view

TDL membership agreement signing

Page 16

Use Case – Implementation view

Signing the TDL membership agreement

Page 17

TDL Sprint requirements

• Design phase:
  – Detailed storyboard and technical details
  – Review of existing components and apps
  – Technical specification
  – Prototyping APIs
  Validation for implementation phase

• Implementation phase:
  – TDL uses OFFICE SHAREPOINT 2013 on 365: need technical description of document formats, web application
  – UIA Authentication service: need technical description of service
  – Access to a TDL test environment: office365 and E-authentication (test bed)
  – WSDL and service point addresses of existing web services

Page 18

Contribution to the TDL ATTPS Testbed & TDL innovation lines

• Trusted stack
  – Trust framework architecture providing e-commerce middleware to guarantee probative value of any “interchange” transaction and payment delivery.
  – Trust service provides a claim to prove validity of audit (level and duration)

• Data life cycle management
  – Revolving probative value to extend the life cycle of the digital signature (also part of regulation).
  – Legal archiving of signatures & documents in the cloud and proof of exchange (transparency).
  – Management of transaction recovery (traceability of the transaction)

• Service integrity
  – Guarantees the integrity of the documents

• ATTPS TESTBED
  – Other relying parties and attribute providers can keep authorized signees of companies.