A preview of the Tractis API

We’re working to launch the Tractis API in the middle of November. The API will allow you to connect directly with our back-end and use digital certificates to authenticate your users, store documents, digitally sign contracts and lots more besides.

The back-end Tractis services are organized into three groups according to purpose: identity services, document management services and digital signature services.

[Diagram: Tractis back-end services (tractis-backend-small.png)]

Externally accessible services

1. Identity services:

  • Identity Federation Server: Allows single sign-on to Tractis services. A typical use-case is where a customer of a Tractis organization uses multiple services but only has to identify themselves once (to the user organization).
  • Identity and Attribute Authority: Allows the management, certification and verification of attributes of individuals and organizations.
    • Management: Allows definition of access control on different attributes, according to their nature.
    • Certification: Allows connections to 3rd party attribute repositories and the presentation of challenges to the holders of an identity (example: authentication using personal certificates issued by a trusted authority).
    • Verification: Allows the lookup of information stated by the user (phone number, address etc.).

2. Document management services:

  • Contract Management System: Allows complete contract lifecycle management.
  • Long-term Archive: Allows long-term storage of documents, guaranteeing their future reproducibility, integrity and authenticity.

3. Digital signature services:

  • Semantic Validation Authority: Verifies the validity of electronically signed documents from a legal and technical point of view. Supports advanced digital signatures based on the AdES format.

The “Evidence Manager” acts above all these services. It stores and preserves evidence for future investigative processes. The Evidence Manager allows us to show evidence to 3rd parties regarding the operations performed by the different services.

Internal-only services

As you can see from the diagram, all these services use a series of internal components to provide guarantees (integrity, durability etc.) for all operations performed by the platform.

  • Time Stamping Authority: Applies time stamps to electronic documents, permitting demonstration of document content at a given moment in time.
  • Trusted Time Sources: Providers of date/time information synchronized through multiple channels (e.g. internet, phone…) with official sources of time such as the Real Observatorio de la Armada (Spanish Royal Navy Observatory) – official time in Spain.
  • Attribute Repository: Allows storage of user attributes and roles (responsibility, membership of professional organizations…) and makes them available to the applications that request them.

Finally, Tractis integrates with Certification Authorities around the world.

Why use this functionality?

We are going to open up the functionality progressively. Initially, we’ll open parts of the “Identity and Attribute Authority” and the “Contract Management System”, which will allow:

  1. Authenticating users via digital certificates (Spanish electronic ID card – DNIe – included), free of charge, from your website.
  2. Automating the bulk sending of personalized contracts to your customers, asking for their digital signature.

All these services will be offered remotely by Tractis. You don’t need to develop, install, configure or maintain an infrastructure valued in millions of euros that is within reach of only the biggest banks. You only need a Tractis account and to integrate with the API.

By David García
Saved in: Announcements, Identity, Programming, Tractis | 31 October 2007