[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [id-cloud] Use case: Cloud signature services.
Tomas, thanks a lot for keeping your word (that you will submit on Friday). We will schedule your use case for a TC meeting in the future. Regards, Anil On 06/11/2010 01:59 AM, Tomas Gustavsson wrote: > Hi, here is a use case submission regarding signature services deployed > in the cloud. > > Regards, > Tomas > > ----- > Name of the member: Tomas Gustavsson > Affiliation: PrimeKey Solutions AB > > Use Case: Cloud signature services > > There is a bussiness need in many application to create digital > signatures on documents and transactions. When applications, and users, > move into the cloud so should also the signing services. > Both users and application have a need to sign documents. Examples as > xml, pdf, odf, etc. There are different signature standards for all > these types of documents. > Example use cases for signed documents are applications sending signed > messages to other applications (edi for examples), corporations > producing receipts or official documents (sensitive reports, tax returns > etc) and users with need for integrity protection (agreements, purchase > orders, etc). > > Of vital importance for a signature service is authentication of users. > Authentication is a prerequisite for authorization, without which > signature services are virtually useless. In case of individual users > there is a need to authenticate the individual and in case of > organization signatures you need to identify the organizational identity > of the user. > > Requirements: > > 1) Be able to securely identify > - Individuals > - Domains (organizations) > > 2) Provisioning > - Provisioning of entities should not require provisioning with the > signature service itself. > > 3) Authorization > - Authorization configuration would preferably not have to be done in > the signature services themselves. > > 4) SSO > - Re-use authentication tokens, attributes and meta data in the could. > Signature service should be able to use the same > identify as the the "using" entities ans services. > > Best Practices: > > None at this point. >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]