User manuals
docs.signius.eu
SEAL EN
SEAL EN
  • SIGNIUS SEAL
    • Introduction & Scope
    • Architecture
    • System requirements
    • SIGNIUS Seal Client
      • Installation
      • Configuration
      • PDF/PAdES Sealing
      • XML/XAdES Sealing
Powered by GitBook
On this page
  • Hosted Setup - Remote/SaaS Document Processing
  • Description
  • Hybrid Setup - Client Deployment on-prem, Hash processing by SIGNIUS or the QTSP
  • On-premise Setup - SIGNIUS Seal Client, Server and the QSCD are deployed within your organisation
  1. SIGNIUS SEAL

Architecture

SIGNIUS Seal Architecture Description

PreviousIntroduction & ScopeNextSystem requirements

Last updated 4 months ago

Hosted Setup - Remote/SaaS Document Processing

Description

The system, presented in the diagram, consists of two main domains: the Client Domain and the SIGNIUS Domain. The diagram illustrates the process by which a customer uses a business application to generate a digital seal using services provided by SIGNIUS.

Client Domain

Components:

  • Driving/Business Application - a business application used by the client to initiate the process of sealing documents.

  • SIGNIUS Seal Client - a client of the SIGNIUS system responsible for communication with the SIGNIUS server and processing data necessary for sealing documents.

  • Network folder - a network folder where documents to be sealed are stored.

Flow:

  • The client's business application transmits data to the SIGNIUS Seal Client. SIGNIUS Seal Client generates a document hash (DocHash), which is sent to the SIGNIUS server via REST API secured with the HTTPS protocol.

SIGNIUS Domain

Components:

  • GlobalSign API Server - GlobalSign's API server that receives the document hash and initiates the sealing process.

  • Remote QTSP (Qualified Trust Service Provider) - a remote trust service provider service that provides a qualified timestamp and validation.

  • QSCD (Qualified Seal/Signature Creation Device) - a qualified signature creation device that ensures process security.

Process:

  • The Server receives the document hash via the REST API and forwards it to the remote QTSP. QTSP generates a qualified timestamp which is then used to validate the seal on the document. QSCD provides a qualified seal, completing the process.

Hybrid Setup - Client Deployment on-prem, Hash processing by SIGNIUS or the QTSP

On-premise Setup - SIGNIUS Seal Client, Server and the QSCD are deployed within your organisation

Security and communication

Communication between the client and the SIGNIUS server and between the SIGNIUS server and the QSCD/remote QTSP is secured using HTTPS, which ensures the confidentiality and integrity of transmitted data. The use of the HTTPS protocol and trusted components such as QTSP and QSCD guarantees a high level of security in the process of document verification and sealing.

The system is a comprehensive solution for generating and verifying digital seals, integrating the client's business applications with advanced cryptographic services provided by SIGNIUS and external partners.

SIGNIUS Seal
SIGNIUS Seal Hybrid Setup
SIGNIUS Seal On-Premises