PKI

• introduce certification services – these services serve for the issue of digital certificates and their administration
• implement concrete technologies on the basis of PKI – this is technology which uses the allocated certificates for the given purpose (encryption and electronic signature of documents, identification of users or processes etc.)

Implementation of certification services

The basic assumption for the successful use of certificates is then the building of suitable structures of PKI certification authorities or use of existing services on the market.A decision on the method of use of possibilities which the implementation of PKI provides is not a simple matter and requires not only theoretical knowledge but also practical experience.

The offered PKI implementation services thus includes:

• analysis of environment and processing of PKI implementation study including, for example, the following
  • definition of strategy in the area of PKI use for identified areas
  • analysis of processes from the aspect of PKI
  • proposal for areas suitable for introduction or use of PKI
  • analysis of impacts
• The building of hierarchies of certification authorities (if the study included a recommendation to establish this) or proposal for method of utilisation of other (for example, external) certification services, primarily
  • implementation of internal certification authorities
  • connection to external certification authorities
  • consultation
• Putting PKI into operation in context of organisation
  • deployment of applications supporting PKI
• Additional services, such as
  • connection to accredited providers of certification servers and time stamps
  • utilisation of applications based on mobile and fixed network of O2

Introduction of digital signature – consultation

In the event that an organisation decides to put the digital signature into practice (pursuant to the Digital Signature Act  227/2000 Coll., concerning digital signature, as amended), it is possible to provide the following services:

• analysis of processes from the aspect of implementation of guaranteed digital signature
• consultation focussing on selection of suitable resources for the creation and verification of a digital signature or time stamps
• implementation of own resources

Reliable store (“reliable archive”)

It is difficult to save electronic documents (including those digitally signed) without special measures in such a manner that the conclusiveness of preservation of integrity, time of its inception or validity of digital signature which they bear is ensured. One solution (apart from the notarial conversion into documentary form) is the building of a so-called reliable store in which the documents are saved for the essential period with preservation of the aforementioned attributes.

This solution becomes particularly significant in connection with the law which introduces to practice communication via so-called data boxes (Act No 300/2008 Coll., concerning electronic acts and authorised conversion of documents in the valid wording)

The solution which we offer makes it possible:

• To insert signed and unsigned documents.
• To ensure by means of internal mechanisms measures of inserted documents either by so-called archive signature or by time stamps which ensure the extension of the preservation of fundamental properties for any period, to be more precise it ensures:
• the preservation of the validity of digital signatures and time stamps which were a part of the document passed on,
• preservation of the integrity of the documents passed on,
• ensuring the provability of the moment of handover of the document to the archive.
• To provide the document for inspection at any time, including offering evidence in relation to the validity of digital signatures or time stamps.
• Flexible system of access authorisations for the individual documents.