ADSS Server SAM APPLIANCE

Remote Qualified Signature Creation Device (QSCD)

High-Trust Remote Signing

There are many benefits to remote (cloud) signing, in particular there is no need to deploy hardware-based smartcards or tokens to users. This makes remote signing more cost-effective and also much easier to use from any location on any device. However for high-trust business applications, it’s essential that the server-side signing is performed in a secure way such that user signing keys remain under the sole control of their owner. Ascertia ADSS Server SAM Appliance is designed to provide the highest levels of assurance for remote signing including up to eIDAS Qualified Electronic Signature levels.

Key Points

ADSS Server SAM Appliance is the first in the World to Pass the Common Criteria EN 419 241-2 Evaluation Process
The SAM Appliance provides a tamper-protected hardware environment for its secure processing which is designed to meet FIPS 140-2 Level 3
Users authenticate to the SAM Appliance using the Go>Sign Mobile app. A secure 2-factor authentication and authorisation protocol referred to as the “Signature Activation Protocol (SAP)” ensures only the owner can authorise the use of their remote signing key
The SAM Appliance integrates out of the box with Ascertia SigningHub and ADSS Signing Server products. It can also be easily integrated with third party business applications using our ADSS Client SDKs.
The Ascertia Go>Sign Mobile app is also available as an SDK for iOS and Android to allow the same functionality to be embedded into your own apps.
The SAM Appliance comes with an optional embedded HSM which is also independently Common Criteria EAL4+ certified against eIDAS Protection Profile standard EN 419 221-5. External HSM options also exist.
ADSS Server SAM is also available in software mode for remote advanced signatures (as opposed to qualified signatures)

Key Points

ADSS Server SAM Appliance is the first in the World to Pass the Common Criteria EN 419 241-2 Evaluation Process
The SAM Appliance provides a tamper-protected hardware environment for its secure processing which is designed to meet FIPS 140-2 Level 3
Users authenticate to the SAM Appliance using the Go>Sign Mobile app. A secure 2-factor authentication and authorisation protocol referred to as the “Signature Activation Protocol (SAP)” ensures only the owner can authorise the use of their remote signing key
The SAM Appliance integrates out of the box with Ascertia SigningHub and ADSS Signing Server products. It can also be easily integrated with third party business applications using our ADSS Client SDKs.
The Ascertia Go>Sign Mobile app is also available as an SDK for iOS and Android to allow the same functionality to be embedded into your own apps.
The SAM Appliance comes with an optional embedded HSM which is also independently Common Criteria EAL4+ certified against eIDAS Protection Profile standard EN 419 221-5. External HSM options also exist.
ADSS Server SAM is also available in software mode for remote advance signatures (as opposed to qualified signatures)
Expnaded view of the appliance

Specifications

Component

Specifications

Operating System

Red Hat Enterprise Linux 7.4 in GUI mode

DBMS

Percona XtraDB Cluster 5.7.21-29.26 for RHEL

Chipset, CPU, RAM, Hard Drive etc

AIC-TB116-AN-L3
FIPS Barbone, 1x Intel Xeon E3-1200v5/v6 2x 2.5″, Intel C236
SCS-CPU-E3-1270V6
4-Core Intel Xeon Processor, 3.8GHz, HTT 8MB Cache, DDR4-2400, 72W, Sockel 1151
SCS-16GB-DDR4-UR26
16GB DDR4-2600 unregistered ECC DIMM
XA960LE10063
Seagate Nytro 1351 SATA SSD, 960GB, 6Gbit/s SATA, 1752TB TBW, 1 DWPD

HSM

Utimaco CryptoServer CP5 Se1500 PCIe, Certified acc. EN419221-5

Ask us for more information on how we can help your business streamline paper processes by using electronic signatures to secure and protect key documents and data.
Ask us for more information on how we can help your business streamline paper processes by using electronic signatures to secure and protect key documents and data.

ARCHITECTURE

ADSS Server SAM Appliances
As a Qualified Trust Service Provider (QTSP) we had an urgent need to deliver Qualified Remote Signature services that met the EU eIDAS (910/2014) Regulation and the relevant ETSI standards and CEN EN 419241-2 Protection Profile for Qualified Remote Signing with Level 2 Sole Control. Ascertia was the first to release a commercial product, ADSS SAM Appliance, that was CC EAL4+ certified against EN 419241-2. QuoVadis Trustlink B.V. was then the first QTSP to order and take delivery of this advanced product. As long-standing users of Ascertia’s world-class products we are pleased to see that the ADSS SAM Appliance used the same robust ADSS Server software that we are used to with our other high-trust, high-availability services. Ascertia are an easy organisation to work with and they support us very well when needed.

Patrick Beckman Lapré
Sales & Marketing Director, QuoVadis Trustlink B.V.

This website uses cookies to ensure you get the best experience on our website. Learn more

I AGREE