
In the first and second parts, the PEP infrastructure in the counterparty and agent systems was considered from the point of view of the participants in electronic interaction. An important role in this infrastructure is played by the personal data (PD) of the counterparty. Agent systems do not create PD; they use data provided by other systems. What are these systems, and how do the initial transfer and processing of PD take place? These questions are the subject of the third part of the article.
Trust infrastructure
Trusted and Untrusted Documents
When the target agent system was examined, it was shown that the component that operates on PEP codes is an identification component of that system. In a broader sense, such a system exists not only for the PEP but also for a handwritten signature and for the EDS; only the data submitted for identification changes. In the case of a handwritten signature, the signature monogram is identified: the signature is compared with a sample that is either stored directly in the agent system (for example, in a counterparty card) or obtained from another system that the agent trusts. In technical terms, trust is an assessment of the risk the agent takes on by using a message in its activities. A message is recognized either as carrying no risk, and therefore trusted, or as carrying risk, and therefore untrusted. The risk assessment criteria for a signed document are laid down in domestic and international law. The infrastructure of trust in a personal handwritten signature has evolved over centuries; its risk criteria are well developed, and trust in it is enormous. Unlike a handwritten signature, the criteria for assessing the risks of an electronic signature in any of its forms are only beginning to develop.
Registration of the public key
The first process that begins any signature-related activity is obtaining a signature sample and associating that sample with the signer. In the context of our analysis, this is the process of first obtaining a public key, obtaining the PD associated with that public key, and storing both in the storage system. Technically, this can be done in three ways:
- Local registration. A sample of the public key and the PD associated with it are received by the agent directly from the counterparty and are stored in the agent's office management system.
- Authorized registration. A sample of the public key and the PD associated with it are stored in the office management system of a third party independent of the agent, with which the agent is bound either by a bilateral agreement or by regulatory acts. The agent receives the samples from the third party through any technical interface. For a personal handwritten signature, for example, authorized registration is performed by the Ministry of Internal Affairs, which places a sample of the public key (the monogram) in the identity document (passport). This model is trusted by all participants in the legal field. With authorized registration, the authority of the third party may be confirmed by special documents; for the EDS, such an electronic document is the root certificate.
- Authorized-local registration. This combines the second and first methods, forming a chain of one-to-one relationships. The authorized body registers the public key and assigns an identification code to the registration. Using that code, the next party in the chain re-registers the key in its own system and assigns its own identification data. An example of such a registration is an email address mapped to a passport.
If the chain is long and contains more than two authorized bodies, authorized-local registration gives rise to another system, concerned with the registration of the authorities themselves. We will not consider this system here; we only note that the EDS makes extensive use of it: a network of Certification Authorities whose credentials are registered by means of root certificate chains.
The law imposes many restrictions on local registration of the signature's public key, because such registration involves receiving PD. The restrictions are listed in regulatory act FZ-152 “On personal data”. The most significant of them are the need, in some cases, to register as a personal data operator, and the need to build an infrastructure for processing personal data. In addition, achieving legal significance for a signature under local registration is rather difficult, since the local trust established between the agent and the counterparty does not extend to third parties.
Signature trust space
Throughout the analysis, the terms “significance of a signature” and “legal significance of a signature” have been used constantly, but their technical content has not been disclosed. Having analyzed the concept of “trust” as a risk assessment, we can now state that the technical meaning of the “significance” of a signature is a characteristic of that risk assessment. Significance can even be measured by the number of persons for whom registration of a given public key carries no risk and for whom documents signed with it are trusted. In effect, we are counting the number of interfaces that can be established from office management systems (agents) to a public key registration system, since they trust it. The result is a domain of trusting agents. This domain has a legal name: the trust space. The trust space can be divided into the following specialized types:
- Local trust space. Established exclusively between the agent and one counterparty.
- Corporate trust space. Established between one agent and an unlimited number of its counterparties. For example, counterparties using the cloud EDS agent of the Federal Tax Service can be attributed to a corporate trust space.
- Common (single) trust space. Established between an unlimited number of agents and counterparties within one state.
- Cross-border trust space. Established between agents and counterparties in an international setting. It too can be local, corporate, or single.
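The registration chain described under “Registration of the public key” and the trust-space classification above can be made concrete in code. The following is an added example, not code from the original article or from any real registry: it models a local registry, an authorized registry (a stand-in named ESIA, which is an assumption), and an authorized-local chain between them, attests each record with an HMAC under the registry's own secret (also an assumption; a real authorized body would use signed certificates or an API), and walks the chain to decide whether a key sits in the local or the common trust space, or is untrusted because a link is missing, altered, or names a different key. All sample keys and personal data are constructed.

```python
"""Added example (not from the original article): the three public-key
registration models and a walk up a registration chain to decide which trust
space a key sits in. Registry names, HMAC attestation and sample data are assumed."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional


def fingerprint(public_key: bytes) -> str:
    return hashlib.sha256(public_key).hexdigest()[:16]   # short id of a key sample


@dataclass
class Registration:
    registry: str               # which registry made the record
    key_id: str                 # fingerprint of the registered public key
    pd: Dict[str, str]          # personal data bound to the key
    parent_code: Optional[str]  # identification code issued one step up the chain
    code: str = ""              # this registry's own identification code
    mac: str = ""               # registry's attestation over the record


class Registry:
    """authorized=True models a body trusted by the whole legal field (stand-in
    for ESIA); parent is the registry whose codes this one re-registers."""

    def __init__(self, name: str, authorized: bool = False,
                 parent: Optional["Registry"] = None):
        self.name, self.authorized, self.parent = name, authorized, parent
        self._secret = secrets.token_bytes(32)   # key used to attest own records
        self.records: Dict[str, Registration] = {}

    def _attest(self, reg: Registration) -> str:
        msg = "|".join([reg.registry, reg.key_id, repr(sorted(reg.pd.items())),
                        str(reg.parent_code)]).encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def register(self, public_key: bytes, pd: Dict[str, str],
                 parent_code: Optional[str] = None) -> str:
        """Local registration if parent_code is None; otherwise re-register a key
        already registered one step up the chain, checking it is the same key."""
        key_id = fingerprint(public_key)
        if parent_code is not None:
            if self.parent is None or not self.parent.verify(parent_code):
                raise ValueError("parent registration missing or invalid")
            if self.parent.records[parent_code].key_id != key_id:
                raise ValueError("parent code belongs to a different key")
        reg = Registration(self.name, key_id, dict(pd), parent_code)
        reg.code = f"{self.name}:{len(self.records) + 1:04d}"
        reg.mac = self._attest(reg)
        self.records[reg.code] = reg
        return reg.code

    def verify(self, code: str) -> bool:
        reg = self.records.get(code)
        return reg is not None and hmac.compare_digest(reg.mac, self._attest(reg))


def trust_space(registry: Registry, code: str, public_key: bytes) -> str:
    """Walk the chain upwards: 'common' if an authorized body vouches for the key,
    'local' if only the agent's own registration does, 'untrusted' if a link is
    missing, altered, or names another key."""
    r: Optional[Registry] = registry
    while r is not None:
        if not r.verify(code):
            return "untrusted"
        reg = r.records[code]
        if reg.key_id != fingerprint(public_key):
            return "untrusted"
        if r.authorized:
            return "common"
        if reg.parent_code is None:
            return "local"
        r, code = r.parent, reg.parent_code
    return "untrusted"


def demo() -> Dict[str, str]:
    """Constructed scenario: an authorized registry and one agent chained to it."""
    esia = Registry("ESIA", authorized=True)   # assumed stand-in for the authorized source
    bank = Registry("Bank", parent=esia)       # the agent's own office-management system
    alice_key, bob_key, carol_key = (secrets.token_bytes(32) for _ in range(3))
    # 1. Local registration: the agent takes Alice's key and PD directly from her.
    alice_code = bank.register(alice_key, {"name": "Alice"})
    # 2. Authorized registration: Bob's record lives at ESIA; the agent only queries it.
    bob_code = esia.register(bob_key, {"name": "Bob", "id_doc": "sample-0001"})
    # 3. Authorized-local: Carol is registered at ESIA, then re-registered at the agent
    #    under its own identifier (an email), linked by ESIA's identification code.
    carol_esia = esia.register(carol_key, {"name": "Carol", "id_doc": "sample-0002"})
    carol_code = bank.register(carol_key, {"email": "carol@example.com"},
                               parent_code=carol_esia)
    out = {"local_only": trust_space(bank, alice_code, alice_key),
           "direct_authorized": trust_space(esia, bob_code, bob_key),
           "chained": trust_space(bank, carol_code, carol_key)}
    # Alter the upstream PD: ESIA's attestation no longer matches, the chain breaks.
    esia.records[carol_esia].pd["id_doc"] = "sample-9999"
    out["tampered_upstream"] = trust_space(bank, carol_code, carol_key)
    return out
```

Alice's key resolves only to the local space because no party other than the agent vouches for it, which is the technical form of the article's remark that local trust does not extend to third parties. Carol's chain resolves to the common space only while every link's attestation still verifies and every link names the same key; altering the upstream record, or pointing a parent code at a different key, drops the result to untrusted. Corporate and cross-border spaces are not modelled here.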
A personal handwritten signature, thanks to an infrastructure built up over centuries, sits in the single trust space and often in the cross-border one. Unfortunately, it requires in-person interaction with the counterparty. Electronic signatures, being a method of remote interaction, make their way into the single trust space only with difficulty. The types of electronic signature in FZ-63 are divided precisely according to trust space:
- Simple electronic signature: local trust space.
- Unqualified electronic signature: corporate trust space.
- Qualified electronic signature: single trust space.
Giving legal significance to the PEP is not formalized in the legislation, since the PEP sits in the local trust space. At the moment there are no ready-made technical solutions for moving the PEP from the local trust space at least to a corporate one, not to mention the single one. Meanwhile, elsewhere in the world, for example in the USA, the PEP is quite widespread because of its convenience of use; in Russia this path is only beginning.
The concept of PEP trust spaces
The state has become the pioneer in moving the PEP from the local trust space to the corporate and single ones. The difficulties of rolling out public key infrastructure, and hence the digital signature, to the general public leave essentially no other choice. Because of its simplicity, the PEP is directly intended for mass use, but the problem is that FZ-63 does not provide for its use in the single trust space. To solve this problem, the state has issued a number of additional regulatory acts governing the use of the PEP in obtaining public services. Private business, however, does not fall within the scope of these regulations, and for it the use of the PEP in any trust space other than the local one carries quite tangible risks.
To reduce or eliminate these risks, private businesses interested in increasing the number of customers who receive services remotely using the PEP will repeat the technical solutions the state has implemented for public services. How to do this we will briefly examine in the next, final part. In general, there are only two ways to move the PEP into a corporate or single trust space:
- Organize a personal visit by the counterparty to confirm personal data.
- Obtain personal data from an authorized source. Currently there is only one such authorized source: the Unified Identification and Authentication System (ESIA).
The second method presents difficulties for private business, so only the first remains to it; but then one can speak of a remote service only with a stretch. This problem leaves some room for business ideas and start-ups. The first sign of a solution is likely to be a service being designed with the support of the Internet Initiatives Development Fund: a trading platform for buying and selling personal data. Potentially, such a service will be in wide demand in PEP systems. More information about this service can be found in the article on Habré. Since the service is still only a project, we leave aside the question of which trust space the personal data obtained through it will belong to. It would be highly desirable for the results returned by the service to carry a mark indicating whether the data was provided by the authorized source, ESIA.
We have considered all the main components of the PEP technical infrastructure. In the next, final part, we briefly summarize practical recommendations on organizing the PEP infrastructure in the information systems of agents.
Part 4: Practical aspects of implementation