On January 27, 2005 JSC “Skaitmeninio sertifikavimo centras” (Digital Certification Centre) presented an application for IVPC to register a company providing qualified certification services. The director of the company Mudrikas Dadasovas tells about the future plans.

On January 27, 2005 JSC “Skaitmeninio sertifikavimo centras” (Digital Certification Centre) presented an application for IVPC to register a company providing qualified certification services. The director of the company Mudrikas Dadasovas tells about the future plans. Beginning our work we understood, that technology of digital signature is not an object but a means of solution for concrete e-business and e-government projects. As the first Lithuanian company providing digital signature services CC plans to participate in the digital signature infrastructure creation process in Lithuania. CC prepared a popular article series where the possibilities of digital signature obtaining, use, checking and implementation of different processes will be explained. The infrastructure of digital signature is composed of: certification service, registration service, users, e-service providers or trusted sides. CC is ready to cooperate with e-service providers and with service recipients. Digital certificates let e-process users legally sign e-documents and identify themselves; also the e-service providers be the e-process participators identity and check the signature’s originality. If a user wants to sign the document legally he needs to have a digital certificate. The digital certificate can be obtained by these means: directly from CC registration service (CC RS) when a user presents all necessary documents or from a registration service authorized by CC where user personal information is verified. For example, telecommunication operators or banks can serve clients by giving them digital certificates. CC supplies the registration service by legal and technologic means, instructs the service personnel. Irrespective of registration service type which clients signed agreements with, digital certificates are issued by CC certification service which has the proper organization and technical resources. The certification centre has to strict requirements, and possesses high intellectual and material resources. According to EU and Lithuanian law anybody can provide digital certification services, but reliable certificates can only be obtained by companies which have a status of a qualified service provider. Digital certificates are created on computer storage devices, for example, on computer hard discs, special chip cards, mobile phones, etc. Where should one keep the personal certificate? It depends on the use of certificate (e-mail signing, business documents and agreement signing, to sign in to computer resources, etc.). Certificates kept on PC hard disc have lowest degree of protection; therefore use of such certificates is not recommended. Certificates can be qualified or nonqualified. The qualified certificate means that it was concluded by a qualified service provider. The answer to question if certificate is qualified can be given by e-service provider. For example, if a governmental institution requires the qualified certificate to sign in to its database it means that all possible users have to present qualified certificates. The process to obtain the certificate is the following: a user applies to DCC registration service to issue a certificate. And if there are no obstacles they are handed over to CC to conclude the certification service. The certificate is given back by the CC to the registration service which presents the certificate to the user. Therefore only registration service cooperates with users. We described the digital signature obtaining process in this article. We will describe the usage of certification in the second one. Digital Certification Centre will answer your questions. Please send the questions to info@ssc.lt. More information about Digital Certification Centre you can find at the web site www.ssc.lt. The 14th annual RSA Conference will be held at the Moscone Center in San Francisco, California, February 14-19, 2005. The RSA Conference is the largest and most comprehensive event created for information security professionals - it delivers more learning, networking and product demonstrations than any other security gathering. Attendees will meet the best and the brightest in the information security industry, both decision makers and technology luminaries. Don't miss your opportunity to learn fresh approaches and develop innovative strategies and tactics to defeat today's biggest information security threats. Leaders of the following companies will make the reports: CISCO (John Chambers), Microsoft (Bill Gates), Symantec (John Thompson), RSA Security (Art Coviello), Sun Microsystems (John Loiacano), VeriSign (Scratton Sclavos), etc. “Computer protection is a complex problem and its solution requires efforts from specialists of different fields. Therefore this is a unique possibility to become acquainted with this industry basic development tendencies and to communicate with concrete program and technical products providers”, says JSC “SSC” representative Mudrikas Dadasovas. “It is important for us to participate in conference debates, and learn new opportunities of world experience. We will have many individual meetings which will let our company improve common cause cooperation. We won’t demonstrate our production during the conference, but the meeting will help us to introduce the partners to our first product: a program “JUSTA – light” created for all digital documents signature. The program is for be assigned for usual and personal users. People can use it without special knowledge. It is important that “JUSTA light” can “speak” a client language; there are Lithuanian and English program versions”.