Architecture

description

The system, presented in the diagram, consists of two main domains: the Client Domain and the SIGNIUS Domain. The diagram illustrates the process by which a customer uses a business application to generate a digital seal using services provided by SIGNIUS.

Client Domain

Components:

• Driving/Business Application - a business application used by the client to initiate the process of sealing documents.

• SIGNIUS Seal Client - a client of the SIGNIUS system responsible for communication with the SIGNIUS server and processing data necessary for sealing documents.

• Network folder - a network folder where documents to be sealed are stored.

Flow:

• The client's business application transmits data to the SIGNIUS Seal Client. SIGNIUS Seal Client generates a document hash (DocHash), which is sent to the SIGNIUS server via REST API secured with the HTTPS protocol.

SIGNIUS domain

Components:

• GlobalSign API Server - GlobalSign's API server that receives the document hash and initiates the sealing process.

• Remote QTSP (Qualified Trust Service Provider) - a remote trust service provider service that provides a qualified timestamp and validation.

• QSCD (Qualified Signature Creation Device) - a qualified signature creation device that ensures process security.

Process:

• GlobalSign API Server receives the document hash via the REST API and forwards it to the remote QTSP. QTSP generates a qualified timestamp which is then used to validate the seal on the document. QSCD provides a qualified seal, completing the process.

Security and communication

Communication between the client and the SIGNIUS server and between the SIGNIUS server and the remote QTSP is secured using HTTPS, which ensures the confidentiality and integrity of transmitted data. The use of the HTTPS protocol and trusted components such as QTSP and QSCD guarantees a high level of security in the process of document verification and sealing.

The system is a comprehensive solution for generating and verifying digital seals, integrating the client's business applications with advanced cryptographic services provided by SIGNIUS and external partners such as GlobalSign.