Secure Doc
- Armando Carratala
- Nicolas Carratala (Unlicensed)
Description
Secure Doc is a Web Signing Service that allows the creation of signing flows as well as generating the certificate to accomplish a proper digital signature.
It is a service that organizes the signature of multiple PDF documents between multiple users, setting the signing order, expiration date, and more. Secure Doc also manages notifications via email. Secure Doc allows:
The generation of credentials, protecting them with second-factor authentication (such as PIN and OTP).
Use these credentials (or other ones) to create remote signatures in different formats.
The creation of closed parties where the members can view and sign (or reject) a common set of PDFs documents. Members can also play an auditor role.
Its REST interface allows managing the complete life cycle of a credential, and it may require the participation of the holder for some tasks, such as the renewal or re-issue of it.
Alison-Server has a modular architecture, which allows defining of several redundant modules to operate in high availability mode, with clusters replicated by means of a shared database.
Alison-Server is designed so the same instance can be shared between different organizations. It is also possible to separate different users of the same organization into isolated groups.
Below are some fundamental terms that are useful to understand the configuration and architecture:
Flow
A flow is a set of users and documents to be signed (or rejected) by these users.
It can also have auditors. An auditor is a special flow member. The auditor's function is not to sing or reject, but to observe how the flow develops.
Each flow has its own configuration, such as the expiration date, the signature type, and the position where the signature will be.
A flow can have additional documents as well, that play a complementary role. These additional documents will not be signed.
Tenant
A Tenant work like a group. Each Tenant has its policy, roles, and users.
Each flow and credential is created within a Tenant, which usually represents a complete organization.
A Tenant can contain credentials with certificates that were issued by different issuers (AC) within the PKI of an organization.
Profile
A role is a set of permission. Each role is created within a Tenant, and each user has a role in each Tenant that the user is in. The role permissions are:
Read permission: allows to view flows.
Write permission: allows to start, sign or reject a flow. Its also allows to extend the expiration date or to add additional documents.
Create permission: allows to create a flow.
Auditor permission: allows playing the auditor role.
Administrator permission: allows playing the administrator role.
By default, every Tenant has four roles automatically created:
Operator role: it has read, write and create permissions.
Auditor role: it has auditor permission.
Administrator role: it has all permissions.
Blocked role: it has no permissions.
Each Tenant has a default role. The default role is assigned to any new user that joins the Tenant. If no default role is defined, then the operator role is set as the Tenant default role.
Testing System
Access the Pilot Environment.
Open API
In this link you can find the API specification that you can use to manage a flow and all its related states.
Production:
Production | Stage (future release) |
|---|---|
Panel
