Solution Description
Solution 1: Identity Assurance / Validation
When users connect to web-based applications or use local applications, there may be a requirement to verify user identities and check their current trust status. This can be done using web servers such as IIS or Apache, custom server applications or even desktop Windows-based applications (based on the Microsoft CAPI platform).
ARP and ADSS OCSP Server together form an incredibly powerful solution for enabling advanced CRL and OCSP services for a range of business applications. ARP provides the OCSP/CRL client functionality whilst ADSS OCSP Server provides a powerful Validation Authority Server.
Key requirements of such solutions are central policy management and policy flexibility to provide for clock drift, system failure and failover processing, together with detailed logging and history viewing. Ascertia excels in all these areas. Of course, standards-based third-party OCSP clients can also be used instead of ARP.
Note: Some organisations are looking to offload all the responsibilities of certificate path building and validation from the client. For such use cases, Ascertia recommends the use of ADSS XKMS Server or ADSS SCVP Server instead of OCSP. The Ascertia ADSS Client SDK enables business applications to easily integrate XKMS or SCVP client-side functionality in only a few high-level lines of code.
Solution 2: Server-side Signature Verification
Data received from customers, suppliers, partners, governments and financial and legal institutions that have signatures attached should be verified immediately on receipt to ensure that trust can be established and audit trails kept. Signatures may be in a variety of formats including PDF, XML or PKCS#7/CMS. Documents may also be in various formats and include multiple signatures.
Used in this way, ADSS Server can act as a pre-processor for existing business systems – checking that the data can be automatically processed or flagging via the business application that human intervention is required to resolve the trust issues found. Information can be returned from ADSS Server to the application showing the trust, quality status and other data from the digital signatures.
Systems that receive signed regulatory reports, e-invoices, orders, tender documents, etc. need such a system to flexibly review and trust the signatures from various trust schemes.
Once the business application receives the signed data, it can request ADSS Server to verify the signatures and establish the trust status for each of these. If they are good, then automatic processing can be established with archived evidence of the verification process. If the signatures are unacceptable, then the document can be filtered out for separate review.