Digital signature solutions for e-Notarisation and secure archiving

Business Need

Very often organisations need to archive important business documents anywhere from 2 to 10 years for compliance reasons. Specialist organisations responsible for maintaining archives on behalf of others, e.g. digital libraries may need to archive documents even for 100+ years!

The reason for archiving something is to be later able to prove things. For example, a particular online transaction took place with a customer, a particular instruction was approved by company executives, a particular company policy document was signed by an employee, and many other such examples.

In order for a digital archive to be able to be effective and stand the test of time it needs to be able to:

• Prove that archived data objects have not changed and are exactly the same as those submitted
• Prove the time when the archive objects were submitted
• Protect the archive objects for a long period of time, i.e. beyond the lifetime of PKI certificates, timestamps and algorithm weaknesses

In addition to the above the archive provider may need to digitally sign the input documents as part of an e-Notarisation service. This may include signing the content or witnessing an existing digital signature. In case of any existing digital signatures on the input documents the service must verify these fully and also store the verification evidence data together with the archived object for later proof.