Web services platform for managing digital signature processes:
- Client-side or server-side signatures, using a centralized key store
- Advanced electronic signature verification functions in different formats
- Non-repudiation services, extending the electronic signature's validity over time
- Trust level management for CAs and VAs, both qualified CSPs and corporate CAs
- Broad support of integration mechanisms: REST/WS, SOAP/WS, Java APIs and Watched Folders
- Designed to manage large volumes of users, certificates and signatures
- Greater security and control through a centralized auditing and reporting system
- Users transparently access the keys held by TrustedX and only need to know a password.
- Integrates seamlessly in desktop applications via standard plug-in.
- TrustedX watches the content of designated network folders and executes a series of actions on all the files place in them.
- Oriented to both users and applications. To sign, just do a copy & paste operation on a folder.
- Provides a set of security mechanisms that can be used as a service using REST/WS, SOAP/WS or Java APIs.
- Custody service of electronic signature, for the maintenance of electronic signatures over time.
- Electronic signature on server
TrustedX acts as a centralized repository of keys and digital certificates so that corporate users and/or applications can use them remotely without having to store them locally. This approach provides greater control over the use of keys in an audited manner and simplifies deploying, maintaining and using the PKI through centralized management. The authentication and access control offers a range of mechanisms and trust levels, and the system can be easily integrated with other repositories for managing digital identities.
- Semantic interpretation of electronic signatures
TrustedX is the most complete digital signature platform of its kind. Multiple CAs can be managed, all electronic signature formats are supported and all complexity related to managing trust is removed from the applications. The incorporated semantic services support obtaining all signer/signature data along with a trust level indicated using discrete values (4 levels) and labels (i.e., Government, Corporate, Finance, etc.).
- Cost saving and flexible integration
The product can be quickly deployed thanks to its standardization and multiple integration options. It can be used (i) from user applications through plug-ins, (ii) as a Web service and (iii) by means of watched folders. The product incorporates an integration gateway that uses pipelines for the straightforward integration of data and common-task processing.
- Centralized management, auditing and non-repudiation
TrustedX provides the centralized management of all digital signature policies, the preservation of electronic signatures, and logging and auditing. This allows the corporate control of the use of the cryptography, the effective management of recognized CAs/VAs and the transparent maintaining of electronic signatures when required owing to the expiration of certificates and the renewal of cryptographic material.
- Centralized key repository, so that can be used by a network connection.
- Includes plug-in which allows the transparently use of PKI keys from the user’s desktop.
- Add corporate user repositories (LDAP) and existing authentication mechanisms (OTP).
- The field of use may be corporate (integrated into desktop applications) or the Internet (desktop or mobile).
- Module that allows users and applications to use network folders to start unattended signature processes of one or more files.
- TrustedX monitors the contents of a network folder, executing a series of actions on the files that are stored in this.
- Once processed, TrustedX stored firms in an output folder, also accessible by network, including a report of the results.
- TrustedX is known for supporting multiple watched folders and allow the definition of chained actions
TrustedX incorporates functions that provide a set of security and trust mechanisms as services. These services can be used in different formats as they support different integration strategies:
- Java or .NET APIs: Allows easily integrating electronic signature services in native Java applications and .NET (**).
- SOAP/WS: Using the OASIS DSS standard as an access protocol for Web services.
- REST/WS, SOAP/WS: Using TrustedX's integration gateway, which supports configuring traffic and data processing with an XML pipeline language.
The platform includes a Java Applet for signature integration scenarios with user cards in Web environments.
The following service can also be added:
- Electronic Signature Custody. Preserves the non-repudiability of the electronic signatures, by transparently interacting with the non-repudiation service and managing signature and e-document metadata.
(**) Please, check for availavility.
The following figure illustrates the possible TrustedX architectures. The TrustedX functions can be used as a (i) trusted Web service, (ii) a trusted gateway between applications (iii) or a combination of (i) and (ii) (not shown in the figure).