© 2017 Avaya Inc. All rights reserved
Release Notes for Avaya Scopia® XT Series What’s New | 15
Important
“Recording Date &Time Stamping” (and “Recording Digital Signature” explained in
next section) is available only for locally recorded files (USB storage).
Recording Digital Signature
A digital signature is a mathematical scheme for demonstrating the authenticity of digital messages
or data. A valid digital signature gives a recipient reason to believe that the data was created by a
known entity (authentication), that the entity cannot deny having signed the data (non-repudiation),
and that the data was not altered (integrity).
A digital signature is the digital equivalent of a handwritten signature or stamped seal, but offering
far more inherent security, a digital signature is commonly used when it is important to detect
forgery or tampering.
As an electronic analogue of a written signature, a digital signature provides assurance that:
claimed signatory signed the information, and
information was not modified after signature generation.
Digital signatures are based on public key cryptography, also known as asymmetric cryptography.
CAdES (CMS Advanced Electronic Signatures) is a set of extensions to Cryptographic Message
Syntax (CMS) signed data making it suitable for advanced electronic signatures. CAdES files have
p7m extension and can be validated using public available software.
To add a digital signature for an USB recorded video, the XT creates a one-way hash of the mp4
file (using SHA256). The value of the hash is unique to the hashed data (recorded video). Any
change in the data, even changing or deleting a single video frame, results in a different hash
value.
This hash is then signed with a customer loaded digital signature (or a default one generated by
the XT) as specified by CAdES and the resulting signed hash -- along with other information about
the signer’s and root CA certificate -- is stored as a p7m file in the USB storage, together with the
recorded video.
When the recorded mp4 file is validated by the XT, the XT is able to detect if the recorded video
hash corresponds to the digital signed data contained in the associated p7m file, and also to
display information about the signing entity.
The p7m file can also be used by a third party to validate the recorded file signature (for instance
using online p7m validators, such as https://www.firma.infocert.it).
Important
When XT is configured to back up the .mp4 recorded files to a generic FTP server,
the .p7m file is also saved. This is not available for AESR.
To Next Page
Loading...
