Security through digital signatures

Content Manager makes it possible to verify and authenticate the origin and ownership of documents that have been or are to be transmitted outside the system.

All security levels, access control and audit features only apply to items that are under the control of Content Manager. To fill the gap in authentication of items that have to be transmitted from system to system, Content Manager provides support for digital signatures.

Content Manager provides support for digital signatures based on a public/private key infrastructure and users can perform the following tasks:

  • Sign documents
  • Store digital signatures with documents
  • Verify digital signatures

Content Manager uses the Microsoft Cryptography API for the digital signature functionality.

  1. Right-click the record you want to sign and from the Electronic menu, select Signature.
  2. Select the option Sign the document, using certificate.

    Content Manager uses the Microsoft Cryptography API to create a digital signature by hashing the document and encrypting the hash with the user's private key.

Content Manager stores the digital signature as a rendition with the document to which it belongs.

To store a digital signature that you have received with an electronic document from an external source, import the signature file from the Property dialogue box - Rendition tab.

  1. Right-click the record you want to sign and from the Electronic menu, select Signature.
  2. Make sure the option Verify the existing signature on the document is selected and click OK.

    Content Manager uses the Microsoft Cryptography API which will validate the certificate in the signature, create a hash of the document, decrypt the hash in the digital signature and compare the two.

    The verification is stored in the Notes field of the document to which the signature belongs.

    A message will appear to inform the user whether the verification was successful or whether the verification failed.

    • If successful, Content Manager will check out the signed document rendition to the user.
    • If unsuccessful, the right-click Properties - Rendition tab will display failed.

See also Digital signatures.