Publications

 

Confirm it with an e-seal

 

Electronic Seal is a new solution incorporated in the eIDAS EU Regulation. Using the Electronic Seal to secure evidence of electronic transactions can facilitate the implementation of electronic services for individuals, reducing the need for them to use the electronic signature.
Electronic Seal is designed to ensure the integrity and authenticity of documents sealed with it. The Seal certificate contains information, which defines what exactly does “the authenticity” of the document imply. Authenticity of an electronic document may mean that the sealed document has been created or processed in accordance with rules regulated by certificate or certification policy.

The eIDAS Regulation specifies that only a legal person can create a seal. The creation of an electronic seal guarantees the authenticity of the document in accordance with the terms of use of the electronic seal, which are defined in the certificate or certification policy.
An advanced electronic seal is created using the data, which is under the control of the creator of a seal. Incidentally the eIDAS Regulation does not specify how this control should be implemented. In this area the eIDAS regulation leaves some freedom and allows the creator of a seal to establish their own control measures over data used for placing the seal.

Read more...

 

eIDAS – A new perspective in Trust Services

 

In September 2014, after fifteen years of the Directive[i] on electronic signatures, a new regulation eIDAS[ii] has entered into force. Its aim is the introduction of a new quality within the use of electronic signatures. This regulation shall substitute the so far directive as of July 1, 2016; until then the member states have to prepare a law at national level, and the European Commission has to establish all details included in the implementing acts. The most important element of eIDAS is that following its introduction a homogenous market is being established, with homogenous rules in all European Union states, in which providing trust services cannot be limited by specific member states’ rules.

Read more...

 

Trust services for business processes

 

A presentation given by Michał Tabor during the European Forum On Electronic Signature in Międzyzdroje, titled “Cloud of Trust” The needs of the commercial market in the field of digital processing, are much larger than those provided by most tools. Economic growth enforces business processes to be easier and faster with the use of the Internet. The electronic signature as a way to secure only the document and not the whole digital service will not meet the demands of the market. The newly implemented electronic signature must provide security mechanisms for all business processes. This paper provides a general overview of Cloud of Trust - a framework for providing security services for a variety of electronic transactions.

Read more...

 

Security services as an added value to e-banking

 

A presentation given by Michał Tabor as a Polish IT Society member during the II Banking Security Forum. Presentation concerns the services, which can improve the security of financial transactions. It emphasizes the usage of an electronic signature as a service.

Read more...

 

The only one and proper signer identity verification?

Introduction

A draft of regulation of the European Parliament and the Council on electronic identification and trust services for electronic transactions in the internal market has been published in June last year. The regulation will establish only two identity verification methods in process of issuance a qualified certificate. Is it possible to establish a single and proper identity verification method without a risk analysis?

Read more...

 

Smart paper

Abstract

The computerisation of civil service processes is a very complex and multifactorial project that not only needs actions concerning technology and adaptation of IT infrastructure, but also a change in the way these processes are being run. To achieve this there is a need for a change in the administrative proceedings, and in creating and storage of electronic documents in particular. Goal of this document is to propose a model in which computerisation of public service administrative proceedings will be supported by solutions that enable citizens to use paper and electronic documents interchangeably.

Read more...

 

Wanted!!! Electronic signature user

The market for electronic signature can be much wider than the needs of the public administration. To offer business services it is required to define expected advantages from usage of electronic signature technology in business transactions. The advantages need to be expressed in amount of money and time, but first of all, the beneficiary needs to be specified - i.e. electronic signature user. Until now electronic signature offer has been addressed to signers but the advantages that they had from using the signature were insignificant. In this article I am defining who in my opinion is an electronic signature user and whom the business offer should be addressed to.

 

PKI 2.0 – Light Certificate Infrastructure

  • Light Certificate Infrastructure allows to build advanced electronic signature services tailored to the needs of individuals.
  • Typical electronic signature infrastructure is based on certificates, which contain and confirm all the information that can be used for signature verification whereas the electronic signature itself and the process of signing stays uncontrolled.
  • PKI 2.0 shifts the accent from the Certification Services to Signature Services, allowing to provide services that are much more flexible and customized.
  • In PKI 2.0 the credibility of a electronic signature is guaranteed by aSignature Authority from the very moment of the signature creation.

 

Lightweight electronic signature certificate

 

The enacted over a decade ago directive on electronic signature specified a paradigm binding in electronic signature technology that a certificate should identify the signer (regardless whether it is a natural or legal person). It implies that if signature is verified with certificate, it unambiguously indicates signer. In this article I would like to discuss whether this paradigm, restricted with technology of Public Key Infrastructure (PKI) should remain unchanged in new wording of the directive and Polish legislation.

Learn more...

 

The officials signature 2.0

Article shows strong and weak points of the use of an ID card as a tool used by officials and is a response to ideas for the introduction of such a solution in Poland. It also shows ways to use technology and the business logic provided by the PKI 2.0 to ensure the security of documents processed by the officials. Only in Polish.

Learn more...

 


Trusted Information Consulting Sp. z o.o. informs that it has exclusive rights to the following solution, which consist of the architecture concept, software, code and procedures. It is also the owner of any documentation, that describes organization principles, design and operation of PKI 2.0, which are copyrighted and protected by international law on copyrights and other law and international agreements on protection of intellectual property.
The use, installation or distribution the following solution are considered a license agreement and acceptance all of its provisions. In a case of disagreement to any of the provisions of the contract one should resign from installation, distribution or the use of PKI 2.0 solutions as a whole or any of its parts.
Regarding the licence agreement please contact Trusted Information Consulting Sp z o.o. mail: ticons@ticons.pl