|
|
Electronic Signature Legislation & Regulation Policies for Digital Signatures |
CoSign Regulatory Information
Here you will find regulatory information, including electronic signature directives and policies for digital signatures (standard electronic signatures), pertaining to the use of CoSign® digital signatures in various countries.
Compliance with digital signature directive legislation & regulations
For many organizations, it is critical to protect their data at all times with PKI-standard based methods that meet the toughest regulations. CoSign complies with the most stringent regulations recognized worldwide, allowing organizations to take advantage of this built-in capability and meet these regulations and policies for digital signatures.
CoSign complies with numerous worldwide regulations including:
| » |
FDA's 21 CFR Part 11; |
| » |
Health Insurance Portability and Accountability (HIPAA); |
| » |
E-sign (Electronic Signature in Global and national Commerce Act); |
| » |
EU VAT Directive; |
| » |
EU Directive for Electronic Signatures; |
| » |
Uniform Electronic Commerce Act (UECA); |
| » |
ISO; |
| » |
Sarbanes Oxley; and |
| » |
FAA's CFR Title 14. This includes support for:
| » |
Air carriers under 14 CFR parts 121, 129, or 135; |
| » |
Operators under 14 CFR parts 91, 125, 133, or 137; |
| » |
Persons performing airmen certification under 14 CFR parts 61, 63, 65, 141, and 142; |
| » |
Individuals performing maintenance or preventive maintenance under 14 CFR part 43; |
| » |
Repair stations under 14 CFR part 145; and |
| » |
Aviation maintenance technical schools under 14 CFR part 147 |
|
CoSign protects your business in a court of law and will not be questioned for compliance.
CoSign certifications for Digital Signature Directives
CoSign’s hardware is FIPS 140-2 Level 3 validated. CoSign also follows the internationally approved Common Criteria security standard (ISO/IEC 15408), by using smartcards that are Common Criteria CWA 14169 certified within the CoSign hardware enclosure. The Common Criteria SSCD validation provides compliance with EU Electronic Signature Directives (European Union Directive 1999/93/EC on Electronic Signature).
Typical legislation requirements for Digital Signature Directives
Digital signature regulations vary from country to country. Taking the European Electronic Signature Directive (EC Directive 99/93 on Electronic Signatures) as an example, the requirements for a standard (advanced) Electronic Signature are:
| a |
it is uniquely linked to the signatory; |
|
| b |
The signature-creation-data used for signature generation cannot, with reasonable assurance, be derived and the signature is protected against forgery using currently available technology; |
|
| c |
it is created using means that the signatory can maintain under his sole control; and |
|
| d |
it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable; |
Is CoSign a Secure Signature Creation Device (SSCD)?
The European Directive (EC Directive 99/93 on Electronic Signatures) defines SSCD as:
1. Secure signature-creation devices must by appropriate technical and procedural means to ensure at the least that:
| » |
The signature-creation-data used for signature generation can practically occur only once, and that their secrecy is reasonably assured; |
|
| » |
The signature-creation-data used for signature generation cannot, with reasonable assurance, be derived and the signature is protected against forgery using currently available technology; |
|
| » |
The signature-creation data used for signature generation can be reliably protected by the legitimate signatory against the use of others. |
2. Secure signature-creation devices must not alter data to be signed or prevent such data from being presented to the signatory prior to the signature process.
CoSign complies with the SSCD requirements defined by the EU electronic signature directive in the following ways:
| » |
CoSign is FIPS 140-2 level 3 validated for those EU member states requiring such a certification for SSCD devices. |
|
| » |
The CoSign SSCD model includes CWA approved smartcards for EU member states requiring this specific certification for SSCD devices. |
|
Regulatory Compliance Statements
Forum of European Supervisory Authorities for Electronic Signatures (FESA) on Server Based Signature Services - click here.
European Union (EU) - English
Germany - German or
English |
|
|
|
|
|
|
|
© 2008 ARX, All Rights Reserved.
Terms of Use |
Privacy Policy |
Legal |
Site Map
About Us |
Products |
Solutions |
Industries |
Resource Center |
Partners |
Support |
Contact
English |
French |
German |
Italian |
Spanish
|
|
