What is Alfresco Digital Signature?
A digital signature is basically a computerized way to authenticate electronic documents—similar to an electronic fingerprint but with additional levels of electronic security and information embedded in the ‘signature’.
The digital certificate binds together a public key with a private key and indicates the unique identity of the entity that created it. A digital signature also contains authentication of the certificate-issuing authority and can be used to verify the document and its contents.
The Alfresco Digital Signature addon is a module developed by Skytizens that allows users to produce digital signatures on their documents from within the Alfresco Document Library. Using the digital signature module by Skytizens saves your company time and money by handling certificates in the same place where your documents are stored.
Why is Digital Signature so important?
- Security – authentication trail guaranteed
- Lightning speed – approvals and collaborative work gets signed within minutes
- Effective – authorize internal documents or send urgent information securely via the web
- Low cost – no need for paper, printers, fax machines, courier services, or notaries to record who the document came from and when—all this information is included in the digital signature
- Cutting-edge – Skytizens has developed the first enterprise-level professional-rated solution for using digital signatures within Alfresco
- Automation – eliminates the manual steps involved with sending files for digital signature. As part of a signature workflow process or folder rule, files are sent for signature automatically.
The Benefits of Digital Signature
Skytizens has developed the Digital Signature Alfresco addon so that users can have access to the powerful capabilities of authentication. Digital Signatures are powered by public-key infrastructure (PKI) so it alleviates concerns about identity and authorizations when it comes to electronic transactions. The Digital Signature module also allows you to expedite your business processes. We integrated the digital signature capability directly into Alfresco to allow users to sign paperwork without exporting. With this addon, our clients can transform paper processes and formal authorizations into a fully electronic web-based workflow.
How Does It Work?
The Skytizens Digital Signature module for Alfresco uses the PKCS #12 format to create certificates on documents. The PKCS#12 is an internationally accepted standard of certificate which stores your certificate key in an encrypt-able file in binary format.
The filename extension for PKCS #12 files is “.p12” or “.pfx”. In cryptography, PKCS #12 defines an archive file format for storing many cryptography objects as a single file. PKCS files may be encrypted and signed or handled in an internal storage container called a “SafeBag” which is encrypted and signed. PKCS #12 is one of the internationally recognized family of standards called Public-Key Cryptography Standards (PKCS) published by American network security company RSA Laboratories.
To put them to work, an Alfresco user must first create a digital signature that identifies the person signing. Alfresco has this ability. Once created, this certificate is stored in Alfresco. After the certificate is saved in the system, a user can choose to Add electronic & digital signature to any document in the Document Library using the action menu on the file. The user must fill out the e-form with the information for the digital signature including a password.
RSA is the key type used by this module for encrypting the certificate’s password. RSA is named after Ron Rivest, Adi Shamir, and Leonard Adleman, who first publicly described the RSA algorithm in 1978. RSA is an asymmetric cryptographic algorithm meaning there are two keys involved—the public key and the private key. The public key can be known to everyone while the private key is also necessary to decrypt the password.
Users have the option to encrypt the data content of the document simultaneously while adding the digital signature. Your Alfresco password is required during this process, as well as anytime you digitally sign a new document.
Once the document has been assigned a digital signature, the document is secure. Nobody can edit the document content without a recorded trail of the change in content. This means that if you receive a document with a digital signature, you can check to be sure the information is original, intentional, and from the person listed in the signature.
Main Features
Setup Digital Signature – To create a digital signature, the user selects Create from the Skytizens Features in the Alfresco user profile. The user must fill out the parameters of the digital signature.
- Create Certificate in Alfresco – The fields can be used according to your company’s business processes. Below are suggested uses.
- Password – Alfresco system password for access to this certificate
- Re-Password – retyped for security reasons
- Alias – shortened name field
- Key Type – RSA
- Key Size – # of characters allowed in field (i.e. 1024 or 2048)
- Validity – # of days you want the certificate to be valid
- Alert – system can alert user when the certificate will expire via email
- Create – electronic signature to accompany the digital certificate
- Upload – upload an electronic signature from the local computer
- Common name – first name of certificate creator
- Title – e.g. filename
- Organization Name – e.g. company name
- Email address – signer’s email
- Organization Unit – e.g. department
- Location – city or branch
- State – geographic region
- Country – location of your company HQ
- Electronic Signature – Upload or Create (using the Alfresco whiteboard) an electronic signature to use specifically on digitally signed documents
- Add – add a certificate from a secondary software application (e.g. Adobe or similar) that you or your company has purchased for this reason
- Delete – delete the current certificate to make room for a new one; only one digital signature is kept on file at a time
Certificate Auto Save – Your unique certificate will save to your system files in a folder labeled My Certificates. The file can be identified by the .p12 file extension. It will be used for all future digital signatures. If you created an electronic signature for this process, it will be saved in the same folder.
Types of Documents – This module allows Alfresco users to sign various types of documents:
- PDF documents
- XML documents
- All documents convertible into PDF (the plugin first converts the document to PDF)
Digitally Sign a Document – Signing a single document is easy. Select Add digital signature from the action menu to complete the following options:
- Preview – a small version of the document will display a ‘floating’ electronic signature so you can move it around the page or eliminate it
- Electronic Signature – often used alongside the digital signature, the user has all the standard options for electronic signature at their disposal (i.e. signature file, add name and surname, add current date, digital stamps, save as)
- Sign document digitally – tick the box to proceed with digital signature; text fields will open below for options
- Keystore password – the user’s Alfresco system password
- Sign reason –information about why they are adding a certificate
- Sign location –the name of their city or office branch
- Sign contact – signer’s name for reference
- PDF Encryption option – tick the box to encrypt the data content of the document simultaneously
- Save to Destination – choose where the file will be saved once the digital signature is executed
SIMPLE Auto Digital Signature (by Folder Rule) – Users can create a special folder that will add a digital signature to all files that enter using the Digital Signature Pro rule.
- Select Certificate and Signature – Find the certificate and signature you created in setup
- Keystore Password – user’s Alfresco password to authorize all future signatures in this folder
- Signature Fields – Three fields are required for all digital signatures. For this automated folder to work, the user must either (a) edit the document to include these fields in the file index or (b) add a 2nd rule to the folder called Specialize Type. The digital signature will bear the information that you input here.
- Reason – the reason for applying a digital signature from this folder
- Location – free text field for user to make notes
- Contact – identify the user who controls this folder
- PDF Encryption option – leave this box blank/unticked
- Signature position on the page – Choose a location for the signature to appear on the document according to readability and layout:
- Center of the page
- Top-Right of the page
- Top-Left of the page
- Bottom-Left of the page
- Bottom-Right of the page
- Page to sign – choose which page the signature will appear on the document
- Specific page
- First page
- Last pageDestination Path – where the files will be saved once the digital signature is executed
CUSTOM Auto Digital Signature (by Folder Rule) – This advanced version of the automated digital signature folder includes a myriad of ways to customize the resulting file. From options for extracting signature information from file properties to designating unique encryption passwords, using custom model types, and more. The customization capability of the module empowers companies to get as specific as they need with their digital signature security. This feature requires up to three rules on the folder.
Rule 1: Change Document Type – Using a custom model type, this will make sure that all files entering the folder have the correct index including the 3 signature fields required for digital signatures.
Rule 2: Designate File Properties – This rule populates the 3 signature fields for files that did not already have indexed information. It gives the system information to extract from the file properties to complete the signature.
Rule 3: Digital Signature Pro – This is the same procedure as the SIMPLE Auto Digital Signature above, with a significant number of ways to customize the output:
- Select Certificate and Signature – Find the certificate and signature you created in setup
- Keystore Password – user’s signature password to authorize all future signatures in this folder
- Signature Fields – This information will be used on all signed files in this folder. Users can designate a folder rule here or they can use to extract the information directly from the file properties.
- Reason – the reason for applying a digital signature from this folder
- Location – free text field for user to make notes
- Contact – identify the user who controls this folder
- PDF Encryption option – Tick the box if you wish to add a digital signature and encrypt the data content of the documents simultaneously. Users can designate a unique encryption key for this folder or use expressions to extract an encryption key based on a file property.
- Signature position on the page – Choose a location for the signature to appear on the document according to readability and layout:
- Middle of the page
- Top-Right of the page
- Top-Left of the page
- Bottom-Left of the page
- Bottom-Right of the page
- Page to sign – choose which page the signature will appear on the document
- Specific page
- First page
- Last page
- Destination Path – choose where the files will be saved once the digital signature is executed
Authentication – Required every time you sign a document, making the Alfresco Digital Signature addon a secure option every time.
Digital Signature appearance – Each document that has undergone a digital signature will be stamped with the designated information. If selected, it also features an electronic signature. The signed document can be opened in Alfresco or outside of Alfresco using a PDF viewer. The file will have the following information.
- Digitally Signed by – name of the user who initiated the digital signature
- Date and Time stamp – this time stamp is taken from the Alfresco system’s main clock
- Reason – input from user
- Location – input from user
- Person – input from user
View Digital Signature properties in Alfresco (Table) – Each document with a digital signature has the detailed properties available for view in Preview Mode in the Alfresco Document Library. The properties are listed in a table below the action menu in accordance with user input when signing the document:
- Name – filename
- Title
- Description
- Author
- Signed by – Alfresco username
- Signature date – Date and timestamp from the Alfresco system
- Location
- Reason
- Signer
- Signature validity – Final date of signature validity
- Mimetype – original file type
- Creator – Alfresco username of file uploader
- Modifier – Alfresco username of digital signer
- Size
- Created Date – date uploaded to Alfresco
- Modified date – date digitally signed
View Digital Signature Properties outside of Alfresco (Pop-Up) – Each document with a digital signature can be downloaded and opened by a PDF viewer. By clicking on the Digital Signature stamp on the document, users can view a pop-up window with the following information:
- Validity – input from sender
- Time – this timestamp is taken from the user’s local computer
- Reason – input from sender
- Location – input from sender
- Validation Summary – This area details if the document has been modified since the time of the digital signature.
View Signer’s Certificate – Users can view a signer’s certificate and who authorizes the certificate. Digital signatures coming out of Alfresco from a company without Certificate Authority will appear as a self-signed certificate.
Save Signer’s Certificate – Users have the option save the digital certificate from a signed document to their local computer. The certificate will be saved as a keystore file with limited information about the signer.
Permissions Control – Access to the Digital Signature feature is managed by Group and Role.
- Group Access – Permission to use the feature is given by the client’s administrator by designating members of a group.
- Role Access – Permission to use this feature on certain files is given by file managers based on role access in the Alfresco system.
Conclusions
Enhanced security on-the-go. The power of digital signatures is now in Alfresco.
The Alfresco Digital Signature addon was developed by Skytizens to provide another level of security to Alfresco users. The module allows users to add a digital signature to any document being stored on the system. This allows colleagues and partners the ability to electronically confirm information about the documents they receive—namely where they come from, who sent them, what time they were signed, and check to see that the document hasn’t been tampered with.
For those who use digital signatures regularly in their work, the benefits of having a highly-customizable digital signature module built into their document storage will be obvious. Having this ability at your fingertips saves time and money and is one of the features that takes Alfresco from a standard cloud storage to a true enterprise-level Document Management System. Alfresco lets you do all aspects of your work on the go—not just frivolous tasks but important and high-security tasks as well.
Alfresco Version | |
---|---|
Alfresco Component Type | |
Development Status | |
Extension Point | |
Installation Method | |
Addon Name | |
Alfresco Product |