Infrastructure simple electronic signature. Part 2: Target System Modeling

In the previous part , a diagram was constructed using the systems in the projected infrastructure of the probe . The next step is to analyze the target system in this infrastructure. Our target system is PEP , which, according to the law, is the equivalent of a personal handwritten signature. Therefore, further analysis will be carried out both for a personal handwritten signature and for the EGP .

Target system in the counterparting system

From a technical point of view, a handwritten signature is a developed motor skill of a certain hand movement, as a result of which a hand movement trajectory is visualized in the form of a monogram with optional additional elements - strokes and strokes. According to the monogram, the office management system receives information about personal data (PD), i.e. by type of monogram, it can identify exactly who created the monogram. The motor skill of the hand is, in fact, a chain of commands for the arm muscles recorded in the brain. Thus, the elements of a handwritten signature are: man, brain, skill, hand, visual monogram. If we consider all these elements, we can form the following model of the elements of a handwritten signature system:

A subject using a handwritten signature plays the role of a PD subject, where a visual image, a sound image, a speech (semantic) image — the last name, first name, patronymic place in the world — place of residence, place in society — place of work and position, and other PD . For a legally significant signature, the PD set contained in the identity card is important.
The motor skill of the hand is a unique, closed, inalienable key to the personality PD .
Monogram (with optional strokes and strokes) is a unique public key to PD .
The brain is a tool for storing a private key (motor memory), as well as a platform for binding, private and public keys.
')
The function of the handwritten signature system is the transfer of information about the subject's PD with the help of the private and public keys. This is an important point. Signature is the transfer of information about PERSONAL DATA. If the public key is not related to PD in any way, if it is impossible to determine the PD from the public key, then this public key will NOT be an analog of a handwritten signature, and therefore such a public key will NOT be a legally significant signature. This is just a message, but not a signature. There is an erroneous opinion that any login / password is a simple electronic user signature. This is not the case, until the login / password contacts the PD .

Taking into account the above, the counterparty on the diagram of using systems is the subject of PD , possessing a system that generates a message about PD using the private and public keys. The subject is a stakeholder, we will need to take his interests into account when designing. In the diagram, we do not indicate the stakeholder, therefore, our counterparty is the system of generating a message about personal data, whose elements are the actual PD , as well as the public and private key systems. Counterparty is shown in the following diagram:



This model is somewhat abstract, since there are no elements in it that exist in real signature systems — monograms for handwritten signatures, signature keys, or digital signature certificates. This is still a metamodel. In order for the metamodel to become a model, we need to show the constructive elements of the target system. The diagram is slightly modified, since in reality there are several architectural solutions for the signature.



This diagram shows several architectural solutions that perform the same function. Each technical solution in reality is a constructive module , the existence of which is assumed by the counterparty.

Let us consider in more detail a constructive solution for the probe , namely, the system of using the private key for transmitting the public key is our target system. First of all, you need to answer the question - what is the "private key" of PEP ? As follows from the definition of the probe in FZ-63 , this is a code or password, that is, a set of certain characters. Based on the fact that we are designing an analogue of a handwritten signature, the private key should be known only to the counterparty, similarly, the counterparty is known as the correct motor skill of the hand in the handwritten signature. The private key is confidential PEP data and, according to Federal Law 63 , the owner of confidential signature data is responsible for maintaining confidentiality. Knowledge of the private key gives access to using the public key transmission system. In general, it is not very important what is used as a PEP public key, subject to three conditions:

1. Access to the public key transmission system, i.e. the process of signing, you can get only with the help of the private key and nothing else;
2. The public key must be unique. Thereby, one-to-one personal data communication is achieved - the private key is the public key;
3. For each document, the public key must be transmitted separately, as is the case with a handwritten signature. One key transfer for several documents is not allowed if it is not a single file archive;

FL-63 in Article 12, paragraph 2 imposes additional conditions on the public key transfer system:

1. Create an electronic signature only after the confirmation by the person signing the electronic document of the operation to create an electronic signature;
2. Definitely show that the electronic signature has been created;

In this case, according to Article 9 of the Federal Law-63 , these conditions do not apply to a simple AED . This makes it impossible to prove the fact of signing, which negatively affects the significance of the signature. The technical solution is recommended to fulfill all the conditions of Article 12, paragraph 2 of the Federal Law No. 63-63 , even if it is not necessary.

In practice, the following solutions are commonly used as keys:

1. Login / password to the personal account in the information system. The password acts as a private key, login - as a public one. This is a feasible solution if, when issuing a login / password, a connection is established with the PD . But, as mentioned above, it is necessary that the private key of the signature gives access only to the transmission system of the public key. Therefore, when signing up, it is very desirable to add two additional keys - a phone number and an SMS confirmation code. A phone number, itself being a PD , acts as an additional public key, in addition to the login, and the confirmation code becomes an additional part of the private key and gives access to the public key transmission system - i.e. possibility of signing.
2. The use of electronic mailbox. The email address is the public key, the password for the mailbox is the private key. This is a valid solution for the PEP as a whole, provided that an unambiguous link between the e-mail address and the PD is established . But not a very good solution for a legally significant PEP, since it has many restrictions on the signing of other documents, except for the actual correspondence. Attachments cannot be considered as signed by a meaningful PEP , for the reason that each document, if it is not an archive in one file, must be signed separately, as it does with a handwritten signature. But a letter with an attachment, in fact, includes at least two documents - the letter itself and the attachment / attachments. Therefore, only a letter can be considered signed, but not attachments. If this nuance is not a problem, there will be no attachments in the correspondence or the signature of the attachments is not important, then it is quite possible to organize a meaningful PEP using e-mail.

Target system on agent system in use

In the agent system, i.e. in office work, when receiving a document from the counterparty, the private key is not used, only the public key is used. The public key, in the case of a handwritten signature, is a monogram. According to the rules of clerical work, the signature is the requisite of the document, therefore the document will be the using system. The concept of “document details” and which elements are included in it are governed by two regulations:

1. GOST R 6.30-2003 “Unified documentation systems. Unified system of organizational and administrative documentation. Requirements for the paperwork "- for Russian documents
2. 85- “On participation in international information exchange” - for international documents.

As a result, for the document as a using system, the following elements can be distinguished:



The signature is an element of the document. For the purposes of this analysis, we are not interested in all the design elements of design, therefore, we will select only two design elements of the design: a signature and other details. Above, we have determined that the signature in the agent system is the public key.



Similar to the public key transmission system, the public key design system has several design solutions. Due to the volume of the diagram, I will not give it here, but I will describe it in the form of a functional tree.

First of all, the signature can be contained both in the document itself and exist as a separate document. The first type of signature is called embedded, the second is detached. The following model appears:

1. The system of registration of a public key embedded in the document
   
   1. Description of the architecture of the handwritten signature
      
      1. The system of identification of the subject of personal data by monogram
      2. Monogram added by the counterparty to the text of the document, according to the rules of agent's office work
   2. Architecture description of a simple electronic signature
      
      1. The system of identification of the subject of personal data on the codes of simple electronic signature
      2. Code of signature in the text of an electronic document, according to the rules of agent's office work
   3. Digital Signature Architecture Description
      
      1. The system of identification of the subject of personal data by a qualified certificate, unqualified key verification certificate, other ways of identifying unqualified signatures.
      2. Information added to an electronic document using cryptographic algorithms
2. Clearance system DETACHED from the public key document
   
   1. Description of the architecture of the handwritten signature
      
      1. The system of identification of the subject of personal data by monogram
      2. Monogram added by the contractor to the text of a special document that is an attachment to the document being signed, according to the rules of agent workflow
      
      
   2. Architecture description of a simple electronic signature
      
      1. The system of identification of the subject of personal data on the codes of simple electronic signature
      2. The signature code in the text of the agreement drawn up between the agent and the counterparty in accordance with applicable law.
      
      
   3. Digital Signature Architecture Description
      
      1. The system of identification of the subject of personal data by a qualified certificate, unqualified key verification certificate, other ways of identifying unqualified signatures
      2. Information saved as a separate digital signature file

On this model of our target system, i.e. A simple electronic signature infrastructure model can be considered constructed. The model reflects the functions, and through the functions and architecture of the signature infrastructure at the agent and counterparty. But modeling on this cannot be considered complete, since another large system is involved in the procedure for working with a signature, which we have so far mentioned only in passing. It is a system in the operational environment within the agent's office management system and its function — identifying personal data by the public key — by a monogram for a handwritten signature or by codes for a simple electronic signature. This system is the most problematic for a simple electronic signature and its elements will be discussed in the next section .