The following is a list and description of the personal users that are used in the remote signature process.
|
User |
Description |
|
Privileged User |
User that performs administrative functions (e.g. creating Signers). |
|
Signer |
A natural or legal person who is authorized to commission or execute server signatures. Provides the SAD via the SIC or the SAK/OS and can sign DTBS/R(s) with its own signature key assigned to it in the cryptographic module. The simple user becomes the Signer as soon as he receives the Signer certificate belonging to the signature key. |
|
Privileged User Admin / Administrator |
Privileged User exclusively authorized to install, configure and maintain the SAM. This role is managed by the operating system of the server environment where the SAM is installed. |
|
Privileged User Technical |
Privileged user who is only authorized to commission or initiate the commissioning of server signatures from the SSA at the SAM as a deputy technical user. |
Table 2: User of the Signature Activation Module
The Privileged User is used in particular for the usage scenarios (US1) Privileged User Creation, (US2) Signer Creation and (US3) Signer Maintenance.
The usage scenarios (US4) Key Pair Generation, (US5) Key Pair Deletion are assigned to the Privileged User and the Signer.
Only the Signer is authorized to commit and have server signatures created using usage scenario (US6) Signing.
The usage scenario is responsible for executing the usage scenario (US7) SAM Maintenance for the purpose of managing the SAM.