Entrust Signature Activation Module
This module is a security element for digital signing services that follows the remote signing standards defined by CEN and ETSI as part of eIDAS regulation.
Security at the heart of signing services
Strengthen your eIDAS-compliant signing services and create a Qualified Signature Creation Device (QSCD) by integrating our Signature Activation Module (SAM)* and CC EAL 4+ and FIPS 140-2 L3-certified HSMs with your signing infrastructures.
*Estimated CC EAL 4+ certification completion: end of 2021
Entrust Signature Activation Module Benefits
Role segregation
The Entrust SAM acts as a security intermediate between your signing application and the Cryptographic Module (HSM).
Key and signature management
The Entrust SAM authorizes key generation, deletion, assignment of key pairs and signature generation in the HSM.
Authenticity checking
The Entrust SAM is configured to only accept signature requests signed by whitelisted Authorization Servers.
Security records
The Entrust SAM generates audit records for all security events involved in its operations.
How it Works
General Architecture
The following diagram illustrates the Entrust SAM and nShield Solo XC or Connect XC in the context of a Remote Signing Service. The implementation described can vary depending on the implementation requirements and existing infrastructure.
QSCD and eIDAS Compliance
The concept of QSCD is uniquely tied to eIDAS. It is a mandatory element for the generation of qualified signatures and seals, which have the highest level of legal recognition in the European Union. Without a QSCD, a qualified trust service provider can only generate advanced signatures and seals.
Entrust Signature Activation Module Resources
Entrust Signature Activation Module
Security at the heart of your digital signing services
Entrust SAM
The Entrust Signature Activation Module (SAM) is used to deploy a server-side endpoint that will be used by the server signing applications to get data signed (a document hash).
eIDAS-compliant Qualified Signature Creation Device
A future-proof QSCD for qualified signatures and seals under the eIDAS regulation
Why You Need a Root of Trust to be an eIDAS TSP
Read about how the evolving EU regulation on electronic identification and trust services (eIDAS) is establishing the model for legally binding cross-border transactions, not only in Europe, but also across the globe.
Entrust Completes CC Evaluation for its New Remote Signing Solution
Entrust enhances Remote Signing Solution upon completion of successful Common Criteria evaluation, enabling eIDAS-certified cloud signing services.
3Key Company
Entrust empowers 3Key Company to deliver eIDAS-compliant remote signing solution.