XCHANGE is a software platform that facilitates the secure interchange of structured and unstructured documents and data among trusted partners (e.g. individuals, enterprises, organizations, governments). XCHANGE integrates EJBCA, a powerful Public Key Infrastructure (PKI), preferred by many European governments and organizations. To ensure data integrity and fraud prevention (e.g. impersonation, etc.), it utilizes digital certificates to realize several security mechanisms, including a digital signature on documents and data files, the asymmetric encryption of digitally signed documents and a single sign-on for users. Taking existing cases into account, XCHANGE interoperates with various PKI Certification Authorities (CAs) to smoothly integrate and synchronize existing PKI structures in its infrastructure. Featuring a sophisticated programmable design studio, XCHANGE enables the definition of document templates and data structures to facilitate the automated generation of web forms (with consolidated validation rules) for the end-user to fill in and produce PDF files that automatically adopt specific document templates. Thus, the process of creation, management, revision and transmission of structured and unstructured documents is fully automated and implemented according to the validation rules and operational procedure defined by the customer.
XCHANGE facilitates the creation of machine-interpretable manuscript formats, document templates and data schemas, which can be easily rendered as web forms and transformed into standardized PDF documents.
XCHANGE incorporates a document signing environment where end-users can sign the civil-status-related PDF documents with their locally installed digital certificate and receiving users can validate the author’s identity by comparing and matching it to the sender’s paired public key—stored and publicly available in the online end-user accounts directory. Finally, it applies symmetric encryption technology to secure document and data storage inside the platform’s DBs.
XCHANGE incorporates a full-fledged business process design and execution environment for the creation and deployment of any business process. The environment’s customizability enables the definition of an extensive set of UI modalities to facilitate the end-user’s interaction.
The Internet’s hostility is the major reason for enforcing encryption on the digital certificates to be exchanged. Asymmetric encryption technology, namely the AES 256 standard, is applied to ensure the highly secure transmission of digital documents among all interested entities.
XCHANGE supports an entirely multilingual operation, applied to the labels of all dynamically generated web forms and web pages, the end-users’ input and the produced digital documents. By using their native language the end-users interact with the platform in a friendlier way.
XCHANGE encloses a custom-made software for the digital signing and encryption of documents which employs the Java Web Start technology, a helper application that is associated with a web browser and enables standalone Java software applications to be deployed on the Web. The entire process concludes without any user interaction required, except for the initial click. The signing utility ensures the platform’s interoperation with the various available HSMs.
It’s important for a third party to be able to validate (in real-time) the originality, authenticity and integrity of a digital document printed and handed out by a requestor. XCHANGE proposes adopting the 2D barcode techniques (e.g. the encrypted QR codes with 56 bits encryption) which are able to store all of the e-doc’s crucial information, including but not limited to the issuer’s name and affiliation, the issuing time and location, and a subset of the PDF document’s data. This encrypted 2D barcode can only be decrypted by cross-platform mobile applications–developed in the context of the XCHANGE deployment and distributed exclusively to authorized closed groups of users. This way, only authorized personnel can validate the printouts and have access to any sensitive information.
XCHANGE promotes the service-oriented adaptation of third party systems, constituting a customizable mechanism for the dynamic generation of Web Services on top of any interoperating systems’ data sources. On the one hand, it enables binding to any legacy systems’ data sources and the ad-hoc definition of custom business objects out of their data models, providing a user-friendly wizard that permits graphical browsing and navigation of each data source model. On the other hand, it enables the deployment of any required Web Services facilitating interoperation with existing APIs or other software modalities to enhance integration with existing software systems.
The basic functionality of the XCHANGE platform for the secure exchange of digitally signed documents has been extended to also cover financial transactions. Thus, an e-payment component has been designed, implemented and integrated to facilitate any type of e-purchase required during the business process of acquiring digital documents.
An International intergovernmental organization that operates towards the European integration. According to its rules, ICCS aims to facilitate international co-operation in civil-status matters and to further enable the exchange of information between civil registrars. Thus, ICCS sought for a software infrastructure that would materialize its convention for the international, secure and electronic exchange of civil-status documents among civil registrars of its member states. UBITECH instantiated and implemented the software interfaces required to allow the interoperation of XCHANGE PKI infrastructure with the existing ones in the various member states. XCHANGE security mechanism was bundled with the asymmetric encryption component to ensure the secure and intact transmission of the personal data of the Citizen through the unsecure environment of Internet XCHANGE multilingual features both of the assistive tools as well as of the integrated document exchange environment provided the means for a fully localized end-user experience The execution of the project led to the: a) promotion of cross-border electronic exchange of civil-status data and documents, with standardized application forms and legally-binding documents and b) highly-secure cooperation between authorities, thus accelerating and facilitating information exchanges, procedures and free movement of citizens, and preventing any fraudulent interchange of life events data
The National Registry of Persons (RENAPER – Registro Nacional de las Personas) is the national agency responsible for the registration and identification of all individuals who are domiciled in the Argentinian territory or jurisdiction of Argentina. Thus, RENAPER sought for a) a holistic software solution that would comprise an integrated environment built by utilizing various modules in order to facilitate the homogenized user interaction, as well as, b) a software platform that would allow for the exchange of digital civil status documents among provinces. UBITECH customized the distinct sub–modules for signing and encrypting in order to provide added-value functionalities for the digital signing and PDF extraction from the dataset inside the National Database. XCHANGE digital document signing and encryption environment was on-the-fly installed in the personal PC of each Civil Registrar in a secure environment in order to maintain all the security constraints. The execution of the project led to the: a) Promotion of intra-country electronic exchange of civil-status documents with standardized application forms and documents, and b) Highly – secure cooperation between authorities, thus accelerating and facilitating information exchanges, procedures and free movement of Argentinian citizens.