Académique Documents
Professionnel Documents
Culture Documents
Introduction
Scanning paper documents, storing it for long-term preservation and using the digitalized
content to speed up business processes is best practice for more process speed and efficiency
for enterprises around the world. Several of these business processes are regulated by
legislation, for example processing documents relevant for taxation like invoices.
One important principle is guiding the digitalization of such paper document: The electronic
representation of a document must be identical to the original and must be stored in an
unalterable way. This means that the electronic document must be consistent with the original in
a way that is accepted by authorities like tax authorities or before court.
For scanned paper document it means that the electronic documents needs to visually conform
to the paper document. Some legislation request that this is confirmed by a person applying a
personalized digital signature to the electronic document. The digital signature guarantees that
the electronic document cannot be tampered without being detected and authenticate the
person that confirmed the visual conformance with the original. This is specifically important if
the paper shell be disposed after scanning.
This paper describes how to set up a scanning environment with Open Text Imaging Enterprise
Scan, Open Text Document Pipeline and Open Text Archive Server with all due diligence to
fulfill the strict requirements of legislation regarding conformity of electronic documents with the
scanned original.
2 | Sec ur e Sc an n i ng E n vi r o nm en t
These three components together cover the end-to-end process of scanning and digitalizing the
paper, quality assurance of scanned image, optionally applying a timestamp and sending it to the
Archive Server.
In order to ensure that the images are not tampered during this process, these three components
need to be installed in a secure environment.
3 | Sec ur e Sc an n i ng E n vi r o nm en t
4 | Sec ur e Sc an n i ng E n vi r o nm en t
rd
further user interaction. There the personalized digitally signature is created by a 3 party software
integrated in the Document Pipeline (project), applied to the document and the signed document is
passed on to the Archive Server.
Document Pipeline File System Control
The file system used by the Document Pipeline should be secured with access restrictions. If the
Document Pipeline is deployed on the scan PC, this is a specific directory of the file system of the
scan PC. As an alternative the Document Pipeline can also be installed as Remote Document
Pipeline, for example on the Archive Server which typically provides a secure environment.
Secure Timestamp in the Document Pipeline
If an additional level of security is required to ensure data integrity of documents, timestamp
signatures can be used. A timestamp is a signed datagram containing the document's hash value, the
current time and date, and additional information. The Archive Server supports interfaces to external,
certified timestamp service providers like timeproof and Authentidate. Timestamps ensure that
document components can no longer be modified unnoticed after they have been archived. When tax
auditors examine a document several years later, the company can prove that it was saved at a
certain time and hasnt been changed since. The Document Pipeline can be configured to apply a
timestamp to the document before sending it on to the Archive Server.
Secure Communication
The communication between Enterprise Scan, the Document Pipeline, the Open Text Archive Server
and the SAP system can be secured via the usage of SSL respectively HTTPS and checksums. By
enforcing SSL, authorized and encrypted access to all or individual logical archives can be ensured.
Enterprise Scan generates checksums for all scanned documents and passes them on to the Archive
Server. The Archive Server verifies the checksums and reports errors.
Secure Archiving on Secure Storage
Generally, Archive Server archives documents on non-changeable media with WORM feature. These
can only be written once, providing excellent security against accidental as well as intentional deletion
or alteration.
Secure Archiving with ArchiSig Timestamps
With the ArchiSig concept, the Archive Server also supports the renewal of timestamps and digital
signatures. This is necessary as the value of digitally signed documents as legal evidence decreases
over the course of time as the employed cryptographic algorithms and the keys lose their security
qualification over time. It also may not be guaranteed that the directories and documents needed for
the verification of certificates are available for 30 years or more. Open Text Archive Server supports
the ArchiSig concept. An ArchiSig-generated timestamp with renewal is valid for an unlimited period of
time.
Secure Retrieval
Upon retrieving a document with timestamp, the Archive Server can automatically validate the
timestamp upon read requests for the document. In case the timestamp is invalid the Archive Server
can be configured to take appropriate action like denying the read request or informing the
administrator.
Secure Viewing
Timestamps of documents can also be interactively verified by the user when documents are
displayed in the Imaging Viewers (Windows, Java, Web). The Imaging Web Viewer with PDF
Extensions also supports verification of digital signatures embedded in PDF documents.
5 | Sec ur e Sc an n i ng E n vi r o nm en t
w w w. o p e n t e x t . c o m
For more information about Open Text products and services, visit www.opentext.com. Open Text is a publicly traded company on both NASDAQ (OTEX) and the TSX (OTC).
Copyright 2009 by Open Text Corporation. Open Text and The Content Experts are trademarks or registered trademarks of Open Text Corporation. This list is not exhaustive. All other
trademarks or registered trademarks are the property of their respective owners. All rights reserved. SKU#_EN