Electronic contract

The Universitat Oberta de Catalunya (UOC, Open University of Catalonia) decided to use Safelayer's TrustedX platform to make the process of hiring teaching staff more efficient, eliminating the need for paper thanks to the electronic contract. The foundations also needed to be laid for the future incorporation of the benefits of the electronic signature in other of the educational institution's processes.

Introduction

universitarioThe Universitat Oberta de Catalunya (UOC) is a higher level educational institution that is a pioneer in the intensive use of the Internet as a resource to create, structure, share and disseminate knowledge.

In the case of  UOC, which requires interaction with teachers-consultants from Spain and abroad, TrustedX removed the complexity associated with managing the number of Certification and Validation Authorities.

At UOC, students and teaching staff, which comprises teachers-consultants, use the Internet to carry out their educational activity and for administrative transactions with the Institution.

From the outset, UOC has taken into account the importance of digital identification systems for undertaking its activity. Above all, and at a time that coincides with the mass deployment of certification services such as the new e-DNI (electronic ID card) and FNMT (Spanish Royal Mint), UOC views electronic signature technology as a key tool for becoming more competitive and improving services.

Every quarter, UOC formalises some 1,500 collaboration agreements with teachers-consultants, which require a paper copy that must be signed by each of the consultants and the institution itself. The copy is then handed in or sent by conventional mail. For an entity that does not usually require physical presence, the use of paper complicates procedures, making it slower, error-prone and demanding additional administrative resources.

Challenges

Plans initially centred on incorporating the electronic signature to the electronic contract process, with the purpose of introducing it gradually to each and every one of the common management procedures. Therefore, the initial implementation needed to lay the foundations for the subsequent deployment of the technology in the remaining processes: it was essential to have a series of universal security functions that were the same for all current and future procedures.   Implementing the electronic signature required all teachers-consultants to hold a digital certificate enabling them to identify themselves and use their signatures electronically for communications with the Institution. UOC needed to recognise multiple Certification Authorities (CAs) located in the geographical areas of its users. To achieve this aim, it became evident that there was a need to implement tools capable of simplifying the management of the different recognised CAs, both national and international.

Success Strategy

One of the premises for implementing the electronic hiring procedure was that it had to faithfully emulate the procedure carried out using paper or even for a possible coexistence of both media. Once the contracts were generated, the application had to start a flow that would end with the registration of the new teacher-consultant once he/she and UOC had signed the corresponding document.

The application had to verify the electronic signatures of both parties and add the corresponding time-stamp, in addition to evidence to corroborate the validity of the signatures in subsequent audits. It consists of a set of security functions that also require the recognition of multiple Certification Authorities (CAs), interconnection with Validation Authorities (VAs) and a Time-Stamping Authority (TSA).

UOC decided that it needed a tool that offered a complete set of security functions, in such a way that the strategy to deploy electronic signatures in other processes had to involve the consumption of specialised services. These security services would be responsible for providing applications with security functions and preventing them from having to be systematically modified in order to "embed" them with common functions. Service-Oriented Architectures (SOA) and Web services (WS) technologies express this concept, whereby applications use different common specialised services.

The TrustedX trusted services platform by Safelayer faithfully implements this idea, offering a series of global and standardised security services as web services, with well-defined, standard interfaces that enable applications to connect and use them.

UOC implemented TrustedX to endow the electronic hiring application with electronic signature in a simple and fast manner. In addition, the TrustedX platform was particularly appropriate for UOC since it guaranteed that the same security services could be used from different applications, in the same way and regardless of the type of digital certificates recognised at any given moment. Another of the features that UOC valued in terms of investment protection was the complete support that TrustedX offered for all standards and functions of electronic signature, authentication and data encipherment.

Lastly, TrustedX enabled UOC to establish and maintain a series of common trust policies as well as a centralised control and auditing system. In the case of UOC, which requires interaction with teachers-consultants from Spain and abroad, this feature of TrustedX removed the complexity associated with managing the number of CAs and VAs. Furthermore, thanks to this TrustedX feature, applications were completely relieved of the need to maintain configuration parameters, and they could be transparently and centrally managed through these applications by the Institution's head of security.

In the case of  UOC, which requires interaction with teachers-consultants from Spain and abroad, TrustedX removed the complexity associated with managing the number of Certification and Validation Authorities.

Benefits

Thanks to the electronic signature process, both the teacher-consultant and the Institution may have technical and legal guarantees of authenticity and integrity. In addition, the process for registering new consultants will be greatly simplified since consultants can hold digital identity certificates issued by any national or international Certification Authority (CA) that is trusted by UOC.

TrustedX has enabled UOC to implement a highly process-oriented solution, offering a series of very high-level common operations that greatly facilitate the integration of signature processes. The Institution is currently equipped with the required infrastructure as a basis for the ongoing improvement of its current processes and its service to users, students and teachers-consultants.

We use cookies to improve our website and your experience when using it. Cookies used for the essential operation of this site have already been set. To find out more about the cookies we use and how to delete them, see our Privacy Policy.I accept cookies from this site