Common Criteria
ADSS Server SAM Appliance
High-Trust Remote Signing
There are many benefits to remote (cloud) signing, in particular there is no need to deploy hardware-based smartcards or tokens to users. This makes remote signing more cost-effective and also much easier to use from any location on any device. However for high-trust business applications, it’s essential that the server-side signing is performed in a secure way such that user signing keys remain under the sole control of their owner. Ascertia ADSS Server SAM Appliance is designed to provide the highest levels of assurance for remote signing including up to eIDAS Qualified Electronic Signature levels.
Key Points
ADSS Server SAM Appliance is the first in the World to Pass the Common Criteria EN 419 241-2 Evaluation Process
The SAM Appliance provides a tamper-protected hardware environment for its secure processing which is designed to meet FIPS 140-2 Level 3
Users authenticate to the SAM Appliance using the Go>Sign Mobile app. A secure 2-factor authentication and authorisation protocol referred to as the “Signature Activation Protocol (SAP)” ensures only the owner can authorise the use of their remote signing key
The SAM Appliance integrates out of the box with Ascertia SigningHub and ADSS Signing Server products. It can also be easily integrated with third party business applications using our ADSS Client SDKs.
The Ascertia Go>Sign Mobile app is also available as an SDK for iOS and Android to allow the same functionality to be embedded into your own apps.
The SAM Appliance comes with an optional embedded HSM which is also independently Common Criteria EAL4+ certified against eIDAS Protection Profile standard EN 419 221-5. External HSM options also exist.
ADSS Server SAM is also available in software mode for remote advanced signatures (as opposed to qualified signatures)
Key Points
ADSS Server SAM Appliance is the first in the World to Pass the Common Criteria EN 419 241-2 Evaluation Process
The SAM Appliance provides a tamper-protected hardware environment for its secure processing which is designed to meet FIPS 140-2 Level 3
Users authenticate to the SAM Appliance using the Go>Sign Mobile app. A secure 2-factor authentication and authorisation protocol referred to as the “Signature Activation Protocol (SAP)” ensures only the owner can authorise the use of their remote signing key
The SAM Appliance integrates out of the box with Ascertia SigningHub and ADSS Signing Server products. It can also be easily integrated with third party business applications using our ADSS Client SDKs.
The Ascertia Go>Sign Mobile app is also available as an SDK for iOS and Android to allow the same functionality to be embedded into your own apps.
The SAM Appliance comes with an optional embedded HSM which is also independently Common Criteria EAL4+ certified against eIDAS Protection Profile standard EN 419 221-5. External HSM options also exist.
ADSS Server SAM is also available in software mode for remote advance signatures (as opposed to qualified signatures)
Specifications
Component
Specifications
Operating System
Red Hat Enterprise Linux 7.4 in GUI mode
DBMS
Percona XtraDB Cluster 5.7.21-29.26 for RHEL
CPU, RAM, Hard Drive etc
AIC-TB116AN
FIPS Barbone, 1x Intel Xeon E3-1200v5/v6
SCS-CPU-E3-1270V6
4-Core Intel Xeon Processor, 3.8GHz, HTT
SCS-08GB-DDR4-UR24
8GB DDR4-2400 unregistered ECC DIMM
Install-SCS
Server hardware Configuration
XF1230-1A0960
Seagate Nytro XF1230 SATA SSD, 960GB
HSM Protection/FIPS relevant hardware parts
HSM
Utimaco CryptoServer CP5 Se1500 PCIe
Ask us for more information on how we can help your business streamline paper processes by using electronic signatures to secure and protect key documents and data.
Ask us for more information on how we can help your business streamline paper processes by using electronic signatures to secure and protect key documents and data.
ARCHITECTURE
Our experience with the ADSS Server product and its availability and performance, is what I as an IT Professional and as Nikken’s IT manager of 9 years, believes makes Ascertia the standards by which all companies in this industry sector should consider following.
Andy Butterworth
IT Manager Nikken UK Ltd