19th EUNIS Congress „ICT Role for Next Generation Universities”

It is widely recognized that information systems constitute a key tool for the overall performance improvement of administrative tasks in academic institutions. However at their genesis lies a latent promise of a paper-less environment that stays most of the time unfulfilled due to the lack of appropriate digital document integrity and accountability mechanisms. Academic institutions are thus most of the time still relying on traditional security trust methods based on paper documents for signing and archiving critical documents. While this method delivers an inefficient, inconvenient and costly workflow, it is still a common method to provide some sort of workable verifiable integrity and accountability that is still considered to be appropriate for the digital data that is being managed by the institutional information systems. Paper based documents have been relying on physical signatures and stamping policies and the physical properties of paper and ink for their integrity and authenticity for a long time. However, the evaluation of a paper document signature or stamp is not a straight forward process. It requires the recipient to have a notarized copy of the signer’s signature or stamp for comparison and requires handwritten signature evaluation training that is often beyond the scope of many office employee training. This can lead to situations where the level of credibility and integrity of paper based document is not adequate and makes the verification process entirely dependent on the administrative staff capacity of recognizing hand written signatures and puts too much trust on physical stamps, some of which are non-locally issued and thus very difficult to authenticate. In critical contexts this clearly is not enough to provide appropriate levels of non-repudiation and integrity for critical documents issued by institutions.
Digitally signed structured XML documents provide an interesting solution to this problem. Not only can the validation of the document be fully automatized and its integrity verifiable in real time by the information system, but it can also be implemented in such way that the information contained in such structured documents can be safely and more easily integrated into different information systems without human intervention, thus allowing for substantial cost reduction and leading to faster process work-flows with increased security and data quality.
In this paper we propose a PDF based document framework where any signed XML (PDF) document, produced by the institution can be at a later stage directly dematerialized and integrated into any compliant information system in a secure way while maintaining the information integrity and the ability to be self-verifiable. This framework involves the embedding of an encapsulated XAdES signed XML document with the information used on its production as an attachment to a PDF document with an institutional rendering visualization of the signed XML data. The attached XML document and the PDF are both time stamped by an external entity and signed by employees and the issuing institution.

Lígia M. Ribeiro, G.D., Ana Azevedo and J. C. Marques dos Santos. (1997) Developing An Information System At The Engineering Faculty Of Porto University. in EUNIS. Grenoble, France.

Grant, S. (2009) Guidelines on a European Learner Mobility model. 15 January 2013]; Available from: http://wiki.teria.no/display/EuropeanLearnerMobility/Guidelines+on+European+Learner+Mobility.

Council, E.P.a. (1999), Community framework for electronic signatures., in Directive 1999/93/EC.

Institute, E.T.S. (2002), XML Advanced Electronic Signatures (XAdES), ETSI TS 101 903 version 1.4.1,.

Institute, E.T.S. (2009), Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 5: PAdES for XML Content - Profiles for XAdES signatures..

Systems, A. (2001), PDF Reference, in Adobe Portable Document Format, ADDISON–WESLEY, Editor.

Systems, A. (2009), The AdES family of standards: CAdES, XAdES, and PAdES Implementation guidance for using electronic signatures in the European Union..

Vendil, P. (2009), SignServer Manual, Primekey, Editor.