Skip to main content

eSeal Trustability System

Welcome to the Seal Trustability System user guide. This comprehensive document is designed to help you understand how our system works, the key concepts involved, and how you can effectively manage seal-related rights within your organization. Whether you're a new user or looking to deepen your understanding, this guide will walk you through every aspect of the seal trustability process.

This guide will help you understand:

  • The fundamental concepts of digital seals and trustability.
  • How the Seal Trustability System operates within your organization.
  • The procedures for delegating rights and managing approvals.
  • The roles of different users, including administrators and legal representatives.
  • Best practices for maintaining security and compliance.

Key Concepts

To effectively use the Seal Trustability System, it's essential to understand several key concepts. This section provides detailed explanations of crucial terms and mechanisms within the system.

What is a Digital Seal?

A digital seal is an electronic signature created by a legal entity (such as a corporation or government agency) used to ensure the authenticity and integrity of an electronic document. It acts as a digital equivalent of a traditional rubber stamp or company seal, signifying that the document originates from the entity and has not been altered.

Benefits of Digital Seals:

  • Authenticity: Confirms the source of the document.
  • Integrity: Ensures the document has not been tampered with.
  • Efficiency: Streamlines processes by allowing electronic verification.

eIDAS Regulation

The eIDAS Regulation (Electronic Identification, Authentication, and Trust Services) is an EU regulation that establishes standards for electronic identification and trust services for electronic transactions within the European Single Market. It aims to enhance trust in electronic transactions between businesses, citizens, and public authorities.

Key Objectives of eIDAS:

  • Provide a predictable regulatory environment.
  • Ensure legal certainty for electronic signatures and seals.
  • Enhance trust and convenience in secure electronic transactions.

eIDAS Levels

Under the eIDAS Regulation, electronic signatures and seals are classified into different levels based on their security and legal standing:

1. Simple Electronic Signature (SES)

  • Definition: The basic level, where the signer uses electronic data attached to or logically associated with other electronic data.
  • Use Cases: Internal documents, low-risk transactions.
  • Characteristics:
    • No specific requirements for identity verification.
    • Provides minimal legal assurance.

2. Advanced Electronic Signature (AES)

  • Definition: A more secure signature uniquely linked to the signer, allowing identification and detection of any subsequent changes.
  • Use Cases: Contracts, agreements requiring higher security.
  • Characteristics:
    • Signer is uniquely identified.
    • Created using electronic signature creation data under the signer's sole control.
    • Linked to the data in such a way that any changes are detectable.

3. Qualified Electronic Signature (QES)

  • Definition: The highest level of electronic signature, equivalent to a handwritten signature under EU law.
  • Use Cases: High-value contracts, notarial acts, legal documents.
  • Characteristics:
    • Meets all requirements of an AES.
    • Created using a qualified electronic signature creation device.
    • Based on a qualified certificate for electronic signatures issued by a qualified trust service provider.

Seal Rights

Seal rights determine the actions a user can perform within the Seal Trustability System. They ensure that only authorized personnel can create and manage digital seals on behalf of the organization.

Types of Seal Rights

  1. CREATE_SEAL_APPROVER

    • Description: Allows the user to create seal approvers who can authorize and apply seals.
    • Responsibilities:
      • Create and manage seal approvers.
      • Oversee sealing activities.

  2. CREATE_M2M

    • Description: Allows the user to create machine-to-machine (M2M) integrations for automating seal processes without human intervention.
    • Responsibilities:
      • Set up automated sealing processes.
      • Ensure integrations comply with security standards.

  3. DELEGATE

    • Description: Allows the user to delegate their seal rights to other users within the organization.
    • Responsibilities:
      • Assign rights to appropriate personnel.
      • Manage and revoke delegations as necessary.

Importance of Seal Rights

  • Security: Prevent unauthorized use of digital seals.
  • Accountability: Track who has performed sealing actions.
  • Compliance: Meet regulatory requirements and internal policies.

Delegation Processes

Delegation processes are workflows that enable the transfer of rights from one user (the right giver) to another (the right receiver). They are essential for managing access and ensuring that rights are appropriately assigned within the organization.

There are two main types of delegation processes:

1. User Delegation Process

  • Purpose: Allows a user with certain rights to delegate those rights to another user.
  • Process Overview:
    • Initiation by the right giver.
    • Specification of rights to be delegated.
    • Approval process (automatic or manual).
    • Granting of rights to the receiver.

2. Approver Delegation Process

  • Purpose: Specifically for assigning seal approver roles to users who will authorize the application of seals.
  • Process Overview:
    • Similar steps to the user delegation process.
    • Focused on granting approver rights.

Key Components of Delegation Processes

  • Right Giver: The user who currently holds the rights and wishes to delegate them.
  • Right Receiver: The user who will receive the rights and take on associated responsibilities.
  • Approval Method: Determines how the delegation is approved (automatic or manual).
  • Delegation Date: The date when the rights are delegated.
  • Expiration Date: The date when the delegated rights expire.

Approval Methods

Approval methods define how a delegation request is approved. They ensure that delegations are authorized appropriately, maintaining the security and integrity of the Seal Trustability System.

Types of Approval Methods

  1. AUTOMATICALLY_APPROVED_BASED_ON_EIDAS_LEVEL

    • Description: Delegations are automatically approved if the eIDAS level meets certain criteria (e.g., SES, AES).
    • Applicable Scenarios:
      • Low to medium risk transactions.
      • Quick delegation without manual intervention.

  2. RECEIVER_IS_LEGAL_REPRESENTATIVE

    • Description: If the receiver is identified as the legal representative of the organization, the delegation is automatically approved.
    • Applicable Scenarios:
      • High authority required.
      • Simplifies processes for legal representatives.

  3. DELEGATION_SIGNED_BY_PARTIES

    • Description: Both the right giver and right receiver must sign a delegation document for approval.
    • Applicable Scenarios:
      • High-risk transactions.
      • Ensures both parties acknowledge and agree to the delegation.

  4. APP_ENV_IS_DEVELOPMENT

    • Description: In a development environment, delegations are automatically approved to facilitate testing and development.
    • Applicable Scenarios:
      • Testing purposes.
      • Not applicable in production environments.

Importance of Approval Methods

  • Risk Management: Ensures appropriate oversight based on transaction risk.
  • Compliance: Aligns with regulatory requirements for approvals.
  • Efficiency: Streamlines processes where appropriate while maintaining security.

Scopes

Scopes define the context or extent within which delegated rights are valid. They help in controlling where and how the rights can be used.

Types of Scopes

  1. ORG (Organization Scope)

    • Description: Rights are valid across the entire organization.
    • Implications:
      • Users can perform actions in any application or project within the organization.
      • Suitable for high-level administrators and legal representatives.

  2. APP (Application Scope)

    • Description: Rights are restricted to a specific application.
    • Implications:
      • Users can only perform actions within the designated application.
      • Enhances security by limiting access.

Importance of Scopes

  • Security Control: Limits the potential impact of unauthorized actions.
  • Resource Management: Ensures users only access necessary resources.
  • Compliance: Helps enforce policies and regulations at different organizational levels.

Workflow Overview

Understanding the workflow of delegating rights and the approval process is crucial for effectively using the Seal Trustability System. This section provides a detailed explanation of the steps involved.

Delegating Rights

Delegating rights involves transferring certain seal-related permissions from one user to another. Here's a step-by-step guide:

Step 1: Initiation by Right Giver

  • Action: The right giver logs into the system and navigates to the delegation section.
  • Details:
    • Selects the option to delegate rights.
    • Chooses the rights to delegate (e.g., CREATE_SEAL_APPROVER).
    • Specifies the right receiver by entering their user ID or email.

Step 2: Specify Delegation Details

  • Action: Provide additional details for the delegation.
  • Details:
    • Scope: Select whether the rights are for the entire organization (ORG) or a specific application (APP).
    • eIDAS Level: Choose the required eIDAS level for the rights.
    • Approval Method: The system suggests the approval method based on the context and eIDAS level.

Step 3: Submission

  • Action: Submit the delegation request.
  • Details:
    • The system validates the input.
    • An acknowledgement is displayed confirming the submission.

Step 4: System Processing

  • Action: The system processes the delegation request.
  • Details:
    • Checks for automatic approval eligibility.
    • Records the request in the system database.

Approval Process

The approval process ensures that delegations are authorized according to the organization's policies and regulatory requirements.

Automatic Approval

If the delegation meets criteria for automatic approval (e.g., low eIDAS level, receiver is the legal representative), the system:

  • Action: Automatically grants the rights to the right receiver.
  • Notification:
    • Both the right giver and receiver receive notifications of the successful delegation.

Manual Approval

If manual approval is required, the following steps occur:

Step 1: Creation of Delegation Document
  • Action: The system generates a delegation document outlining the rights and responsibilities.
  • Details:
    • Includes details of both parties.
    • Specifies the rights being delegated.
    • Outlines the terms and conditions.
Step 2: Right Giver Signs the Document
  • Action: The right giver reviews and electronically signs the delegation document.
  • Details:
    • Uses a secure signature method compliant with eIDAS levels.
    • The signature is recorded and time-stamped.
Step 3: Right Receiver Signs the Document
  • Action: The right receiver is notified to sign the delegation document.
  • Details:
    • Reviews the document.
    • Electronically signs it, acknowledging the acceptance of rights and responsibilities.
Step 4: System Finalizes the Delegation
  • Action: Upon receiving both signatures, the system grants the rights to the right receiver.
  • Notification:
    • Both parties receive confirmation of the successful delegation.

Managing Seal Rights

This section provides guidance on how to manage your seal rights within the system, including viewing your current rights, requesting additional rights, and delegating rights to others.

Viewing Your Rights

You can easily view your current seal rights through your user dashboard.

How to View Your Rights

  1. Log In to the System

    • Enter your credentials to access your account.

  2. Navigate to Seal Trustability Section

    • From the main menu, select Seal Trustability or My Rights.

  3. Review Your Rights

    • A list of your current rights is displayed.
    • Information includes:
      • Right Type: The specific rights you hold.
      • Scope: Whether the rights are at the ORG or APP level.
      • eIDAS Level: The level associated with your rights.
      • Effective Date: When the rights became active.
      • Expiration Date: When the rights will expire.

Benefits

  • Transparency: Know exactly what actions you're authorized to perform.
  • Accountability: Understand your responsibilities within the organization.
  • Preparation: Plan for renewals or requests before rights expire.

Requesting Rights

If you need additional seal rights to perform your duties, you can request them through the system.

How to Request Rights

  1. Access the Seal Trustability Section

    • Navigate to Seal Trustability > Request Rights.

  2. Select the Rights Needed

    • Choose from the list of available rights.
    • Examples include:
      • CREATE_SEAL_APPROVER
      • CREATE_M2M
      • DELEGATE

  3. Specify Details

    • Scope: Select ORG or APP.
    • eIDAS Level: Choose the appropriate level (SES, AES, QES).
    • Justification (Optional): Provide a reason for your request.

  4. Submit the Request

    • Click Submit to send your request.
    • A confirmation message will appear.

After Submission

  • Approval Process:
    • The system will determine the appropriate approval method.
  • Notifications:
    • You will receive updates on the status of your request.

Tips

  • Provide Clear Justification:
    • Helps approvers understand your need.
  • Plan Ahead:
    • Requests may take time to process, especially if manual approval is required.

Delegating Rights to Others

If you hold the DELEGATE right, you can delegate some of your rights to other users within the organization.

How to Delegate Rights

  1. Navigate to Manage Delegations

    • Go to Seal Trustability > Manage Delegations.

  2. Initiate Delegation

    • Click on Delegate Rights.

  3. Enter Receiver Information

    • Provide the user ID or email of the right receiver.

  4. Select Rights to Delegate

    • Choose the rights you wish to delegate.
    • Ensure you have the authority to delegate these rights.

  5. Specify Delegation Details

    • Scope: ORG or APP.
    • eIDAS Level: SES, AES, or QES.
    • Validity Period: Set the effective and expiration dates.

  6. Submit Delegation Request

    • Review the details.
    • Click Submit to initiate the delegation process.

Monitoring Delegations

  • Delegation Status:
    • Track the status of your delegations (e.g., Pending, Approved, Declined).
  • Revoking Rights:
    • You can revoke delegated rights before expiration if necessary.

Best Practices

  • Select Appropriate Receivers:
    • Ensure the receiver requires the rights for their role.
  • Communicate:
    • Inform the receiver about the delegation to ensure they are prepared.
  • Maintain Records:
    • Keep track of all delegations for accountability.

The legal representative holds a unique and crucial position within the Seal Trustability System. Understanding this role is essential for both legal representatives and other users who interact with them.

Responsibilities

  • Overall Authority: Has the ultimate authority over seal-related activities within the organization.
  • Approval Power: Can approve delegations and requests without requiring additional approvals.
  • Compliance Oversight: Ensures that the organization's use of digital seals complies with legal and regulatory standards.

Privileges

  • Automatic Approvals:
    • Delegations that involve the legal representative as the receiver are automatically approved under the RECEIVER_IS_LEGAL_REPRESENTATIVE method.
  • Delegation Rights:
    • Can delegate rights to any user within the organization without the need for further approval.
  • Assignment:
    • The organization's board or management assigns the legal representative role.
  • Verification:
    • The system may require documentation or verification to confirm the legal representative's identity and status.
  • Updating Information:
    • It's crucial to keep the legal representative's information up to date to prevent unauthorized access.
  • Requests and Approvals:
    • Users may receive approvals or delegations from the legal representative.
  • Compliance Queries:
    • The legal representative may reach out regarding compliance matters.

Automatic Approvals

Automatic approvals streamline processes by reducing the need for manual intervention while maintaining security. Understanding when and how automatic approvals occur is essential for efficient use of the system.

Scenarios for Automatic Approval

  1. Based on eIDAS Level

    • Criteria:
      • Delegations at lower eIDAS levels (e.g., SES, AES).
      • Considered lower risk.
    • Process:
      • System automatically approves the delegation upon submission.

  2. Receiver is Legal Representative

    • Criteria:
      • The right receiver is the legal representative of the organization.
    • Process:
      • Delegations are automatically approved due to the receiver's authority.

  3. Development Environment

    • Criteria:
      • The system is in a development environment (APP_ENV_IS_DEVELOPMENT).
    • Process:
      • All delegations are automatically approved to facilitate development and testing.

Benefits of Automatic Approvals

  • Efficiency: Speeds up the delegation process.
  • Resource Savings: Reduces administrative overhead.
  • User Experience: Improves satisfaction by minimizing delays.

Considerations

  • Risk Assessment:
    • Automatic approvals are typically restricted to lower-risk scenarios.
  • Compliance:
    • Ensures that automatic approvals align with regulatory requirements.
  • Monitoring:
    • Regular audits should be performed to ensure the integrity of automatic approvals.

Diagrams

Visual representations can greatly aid in understanding complex processes. Below are diagrams illustrating the delegation workflow and approval process.

Delegation Workflow

Explanation

  • Initiate Delegation Request: The right giver submits a request to delegate rights.
  • Automatic Approval Check: The system determines if the request qualifies for automatic approval.
  • Automatic Approval Path: If applicable, the system approves and notifies the right receiver.
  • Manual Approval Path: If not eligible for automatic approval, the system generates a delegation document that both parties must sign.

Approval Process Diagram

Explanation

  • Start Delegation: The process begins with a delegation request.
  • Automatic Approval Decision: The system checks if automatic approval is applicable.
  • Manual Approval Path: If not automatic, both the right giver and receiver must sign the delegation document.
  • Grant Rights: Once both signatures are received, the rights are granted.
  • End Process: The delegation process concludes.

Frequently Asked Questions (FAQs)

Q1: What happens if the right receiver does not sign the delegation document?

A: If the right receiver does not sign the delegation document within a specified time frame, the delegation request will expire. You may need to initiate a new request or follow up with the receiver.

Q2: Can the legal representative delegate rights to multiple users simultaneously?

A: Yes, the legal representative can delegate rights to multiple users. They can initiate separate delegation requests for each user or use a bulk delegation feature if available.

Q3: How do I revoke rights that I have previously delegated?

A: Navigate to Seal Trustability > Manage Delegations, find the delegation you wish to revoke, and select the option to revoke it. The right receiver will be notified, and the rights will be withdrawn.

Q4: Are there audit logs for delegations and approvals?

A: Yes, the system maintains comprehensive audit logs that track all delegation requests, approvals, revocations, and other activities. These logs are crucial for compliance and auditing purposes.

Q5: Can I delegate rights outside my scope?

A: No, you can only delegate rights that you possess and within the scope assigned to you (ORG or APP). Attempting to delegate rights outside your scope will result in an error.

Q6: What should I do if I receive rights that I did not request or need?

A: Contact your organization's administrator or the person who delegated the rights to discuss the situation. You can also decline or request the revocation of unnecessary rights.

Q7: How is the eIDAS level determined for a delegation?

A: The eIDAS level is selected during the delegation request based on the required security level for the rights being delegated. The system may enforce minimum levels for certain rights.

Glossary

  • Digital Seal: An electronic signature used by legal entities to authenticate electronic documents.
  • eIDAS Regulation: EU regulation that standardizes electronic identification and trust services.
  • eIDAS Level: Classification of electronic signatures and seals based on their security (SES, AES, QES).
  • Seal Rights: Permissions that allow users to perform seal-related actions.
  • Delegation: The process of assigning rights from one user to another.
  • Right Giver: The user who delegates their rights.
  • Right Receiver: The user who receives delegated rights.
  • Approval Method: The process by which a delegation request is approved.
  • Scope: The context (ORG or APP) within which rights are valid.
  • Legal Representative: A user with authority over seal-related activities in the organization.