MILESTONE
USER MANUAL
Ethos EZ User manual MA073-006
- 89 -
handwritten signature.
out that the electronic signature has same validity
as a handwritten signature.
11.200 - Components and control of the electronic signature
11.200 (a)(1) Use of two different
components for the
identification.
For the access to the system and for the
achievement of the electronic signature it is
required an identification through a write-
protected memory card and a password.
11.200
(a)(1)(i)
If several signatures are
not made within a
controlled operation, then
with the first signatures
all security components
must be used, with
following signatures at
least one component
must be used.
To access the system the identification must be
made by the memory card and the password. As
long as the memory card is already in the system,
only the password will be entered, the memory
card will be asked for automatically.
11.200
(a)(1)(ii)
If signatures are not
carried out within a
controlled operation, then
all security components
for the signatures must
be always used.
To access the system the identification must be
made by the memory card and the password. If
the memory card is removed from the system,
then the user must identify himself again by
inserting the memory card and the input of the
password.
11.200 (a)(2) Use only by the genuine
owners
Each user can choose his own password to
guarante that this cannot be used by any other
person.
11.200 (a)(3) Use of a foreign signature
needs the co-operation of
at least 2 persons.
For the execution of a foreign signature the
memory card with the identification and the
related password must be present.
The organization of the user must guarantee that
these two safety components are administered by
more than one person.
11.300 Control for identification/password
11.300 (a) Combination of
identification and
password must be
unique.
The system prevents the repeated use of the
same password by different users. Each user
must identify himself by his memory card and a
password.
11.300 (b) Periodic checks of the
passwords.
The organization of the user must guarantee that
at reasonable time intervals the passwords are
renewed and/or changed.
11.300 (c) Loss management
procedures
The access to the system is in 3 levels
- supervisor + service
- administrator
- user
The superior level can at any time administer and
To Next Page
Loading...
