Horus metasign
A non-repudiable signature creating and verifying secure transactions
In a context where organisations are moving to paperless transactions, it is necessary to electronically sign documents to guarantee their integrity and to be able to bring the proof of acceptance by the signer. The signature has to be verified strictly so as to detect any possible cause for invalidity. Atos, a European actor in IS security, provides metasign, an overall solution to create and verify electronic signatures.

Keep control of security

Electronic signatures guarantee the integrity of documents and identify the signers. Once a signer has produced a signature and the signature has been verified, the signature is secure and may no longer be repudiated.

Each signer (e.g. a user or an application) uses a signature key pair (a public key and a private key) and a public key certificate generated by a Certification Authority. Metasign can use signature certificates generated by Atos's metapki solution or by other PKI products.

For users, the signature private key and the signature certificate may be stored in a smart card or in a USB token protected by a PIN, or alternatively in a file in the PKCS#12 format. Private keys and certificates are accessible either through a PKCS#11 interface or a MSCAPI interface.

For applications, Hardware Security Modules (HSM) may be used for the same purpose.

Metasign creates and verifies electronic signatures using the following formats: CMS, CAdES, XAdES or PAdES, and in conformance with declared signature policies. Metasign supports time-stamping tokens generated by Atos metatime or by other time-stamping solutions.

Metasign supports the following functions:
• Signature creation: creation with the requested format using the signature policy and the configured cryptographic token; multiple signatures and co-signatures are supported
• Immediate verification (and augmentation): cryptographic signature verification following its creation and adding the necessary information to maintain its long-term validity with report generation
• Subsequent verification: verification by relying parties and generation of a report.
Atos, a European actor in IS security

As a European security leader, Atos has developed a unique expertise in securing information systems, delivering consultancy, integration and expertise services in trust technologies.

[Figure: metasign signature workflow. Document to sign; 1 - Document signing (hash of document); Signed document; 2 - Verification in compliance with a signature policy, adding information (time-stamp token, revocation information); Signed and augmented document; 3 - Diffusion and/or archiving; 4 - Subsequent verification.]
Trusted partner for your Digital Journey

Metasign offer and its functionalities
Metasign-api
Metasign-api is a full set of Java programming interfaces allowing different integration scenarios:
• Java applets for web browsers
• standalone applications for personal computers
• server-based applications.

Metasign-applet
Metasign-applet is a full set of applets that can be easily configured to provide signature creation and/or signature verification functions into web-based applications.

Metasign-workstation
Metasign-workstation is a standalone application running on a PC. Users can sign multiple documents in a one step process. The main goal of the application is to simplify the usage and the deployment of digital signatures.

Metasign-server
Metasign-server is a “web service” server that signs and verifies documents. Its administration interface is provided for configuring applications and signature policies. The server can be used to sign in the name of an entity or to sign in the name of a physical person with a centralised and secured management of signature keys.

Metasign-adp
Metasign-adp is an optional component that allows archiving of the signature on a server for later retrieval as proof elements. At the time of the signature creation, metadata are added and stored with the signature and the document. They may then be used to retrieve the information for signature verification and history.

Vericert
Vericert is an optional “web service” server component. It verifies certification paths against verification policies that can be configured in the administration interface. Verification can take place with reference to the current time or to a time in the past. Trusted Certification Authorities can be extracted from European trusted lists (TSL).

Signature formats
Metasign supports advanced electronic signatures conformant with the CMS, CAdES (CMS Advanced Electronic Signatures), XAdES (XML Advanced Electronic Signatures) and PAdES (PDF Advanced Electronic Signatures) technical specifications as defined by ETSI (European Telecommunication Standardisation Institute).

[Figure: metasign components. Web application: Metasign-applet; Working station: Metasign-workstation; Network application: Metasign-server; common layer: Metasign-api; signature formats: CMS, CAdES, XAdES, PAdES.]