[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Use case: Cloud signature services.
Hi, here is a use case submission regarding signature services deployed in the cloud. Regards, Tomas ----- Name of the member: Tomas Gustavsson Affiliation: PrimeKey Solutions AB Use Case: Cloud signature services There is a bussiness need in many application to create digital signatures on documents and transactions. When applications, and users, move into the cloud so should also the signing services. Both users and application have a need to sign documents. Examples as xml, pdf, odf, etc. There are different signature standards for all these types of documents. Example use cases for signed documents are applications sending signed messages to other applications (edi for examples), corporations producing receipts or official documents (sensitive reports, tax returns etc) and users with need for integrity protection (agreements, purchase orders, etc). Of vital importance for a signature service is authentication of users. Authentication is a prerequisite for authorization, without which signature services are virtually useless. In case of individual users there is a need to authenticate the individual and in case of organization signatures you need to identify the organizational identity of the user. Requirements: 1) Be able to securely identify - Individuals - Domains (organizations) 2) Provisioning - Provisioning of entities should not require provisioning with the signature service itself. 3) Authorization - Authorization configuration would preferably not have to be done in the signature services themselves. 4) SSO - Re-use authentication tokens, attributes and meta data in the could. Signature service should be able to use the same identify as the the "using" entities ans services. Best Practices: None at this point.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]