Signatures
Agenda
[Figure: handwritten signature on a paper document. Labels: Visibility of document, Copy / Print, Document content; Signature: Document unchanged, Identity of signer, Legally binding.]
[Figure: electronic signature with a public-key infrastructure. Labels: sign (Private Key), Verification / verify (Public Key), Contract, (register), CA / Trust Center Service issues the Certificate, trust. Properties: Integrity, Authenticity, Validity, Legally binding.]
[Figure: creating a signature. Document (sample table with columns "Pos." and "Material") -> Cryptographic Hash-Algorithm -> Cryptographic Checksum (010110..) -> Public Key Algorithm -> Signature Value -> Signed Document.]
[Figure: verifying a signature. Signed Document -> Cryptographic Hash-Algorithm -> Cryptographic Checksum; Signature Value and Public Key of Signer -> Public Key Algorithm -> Cryptographic Checksum. Checks: Signature of CA OK? Certificate not revoked? Checksums equal (= ?). Yes: document OK. No: document Wrong / Incorrect.]
Authenticity
Integrity
Validity
Legally Binding
[Figure: signature architecture in SAP NetWeaver. Labels: SAP Application, Applications with Electronic Signatures, SSF-API, SSF, ABAP, Java, IAIK Toolkit, Partner product, Application server signs with Electronic Signatures.]
SAPSECULIB supports: digital signatures without cryptographic hardware (Smartcards, Cryptoboards)
PKCS#7, S/MIME (IAIK S/MIME), XML
No Partner Certification
No support of Cryptographic Hardware
SSF_VERIFY, SSF_ENVELOPE, SSF_DEVELOPE, SSF_ADDSIGN, .., SSFS_CALL_CONTROL, SSFS_GET_SIGNATURE, SSF_KRN_
SAP AG 2004, SAP TechEd / SCUR104 / 19
System Signatures
[Figure labels: Company A, Company B, SAP System, ADS (Adobe Document Server), Create electronic signature, Check electronic signature, PDF Document, transport via HTTP / HTTPS / S/MIME / FTP, Archiving.]
User Signatures
[Figure labels: Company, SAP System, User Frontend, Acrobat Reader, ADS (Adobe Document Server), Create electronic signature, Check electronic signature, PDF Document, transport via HTTP / HTTPS / S/MIME / FTP, Standardized format, Legally binding, Archiving.]
CRM
EBP
ERP SD/CRM
PLM ECH
PLM DMS
PLM PP-PI
Healthcare
HCM Belgium
PLM QM
ERP FI
ERP FI/IHC
Public Sector
SAP Content Server
SAP NetWeaver
ERP MM-FI
Legal Requirements
German Electronic Signature Act
Digital Signature Law and Regulations
Japan Electronic Commerce Promotion Council
Argentina Digital Signature Law
EU Directive 1999/93/EC
US E-Sign Act
Canada Uniform Electronic Commerce Act
Malaysian Digital Signature Law
Legal Requirements
Digital Signature
means an electronic signature based upon cryptographic methods
of originator authentication, computed by using a set of rules and a
set of parameters such that the identity of the signer and the
integrity of the data can be verified.
To keep the individual American states from passing conflicting laws, the
National Conference of Commissioners on Uniform State Laws
developed the Uniform Electronic Transactions Act (UETA), while the
European Union proposed its Directive on a Common Framework for
Electronic Signatures for the European Union.
In the United States, all of these incompatible state laws were
superseded by the Electronic Signatures in Global and National
Commerce Act (US E-Sign Act), which was signed into law in 2000. It is
technology neutral, provided certain disclosures are made and the
basic requirements of Electronic Signatures are followed.
EU Directive 1999/93/EC
Directive 1999/93/EC of the European Parliament and of the Council
of 13 December 1999 on a Community framework for Electronic
Signatures for the European Union
Article 5: Legal effects of Electronic Signatures
Member States shall ensure that advanced electronic signatures
which are based on a qualified certificate and which are created by
a secure-signature-creation device:
a) satisfy the legal requirements of a signature in relation to data in
electronic form in the same manner as a hand-written signature
satisfies those requirements in relation to paper-based data; and
b) are admissible as evidence in legal proceedings.
EU Directive 1999/93/EC
Electronic signatures
Advanced electronic signatures
Qualified signatures
Qualified signature:
advanced electronic signature
+ qualified certificate (Annex I + II)
+ secure signature creation device (Annex III)
1. Electronic Signature
shall be data in electronic form that are attached to other electronic
data or logically linked to them and used for authentication;