Digital signatures subsystem

🌐 This document is available in both English and Ukrainian. Use the language toggle in the top right corner to switch between versions.

1. Overview

The Digital signatures subsystem handles operations related to applying and verifying digital signatures to ensure data integrity during cross-service interactions using specialized cryptographic modules.

2. Subsystem functions

Retrieving digital signature owner’s data.
Verifying the ownership of the applied digital signature.
Applying a digital signature to data entering the registry or a digital document using the registry electronic seal.
Verifying the ownership of the applied registry electronic seal.

3. Technical design

4. Subsystem components

Component name Registry representation Source Repository Function

Component name	Registry representation	Source	Repository	Function
Digital signatures service	`digital-signature-ops`	origin	gerrit:/mdtu-ddm/low-code-platform/platform/backend/applications/digital-signature-ops	A digital signature component that leverages the capabilities of an external digital signature library and provides digital signature functionality.

Digital signatures service

digital-signature-ops

origin

gerrit:/mdtu-ddm/low-code-platform/platform/backend/applications/digital-signature-ops

A digital signature component that leverages the capabilities of an external digital signature library and provides digital signature functionality.

5. Technological stack

The following technologies were used when designing and developing the subsystem:

6. Subsystem quality attributes

6.1. Observability

The Digital signatures subsystem supports incoming requests logging and collecting performance metrics for analysis through the web interfaces of respective Platform subsystems.

For details on the subsystem design, see:

6.2. Portability

The Digital signatures subsystem can be migrated, deployed, and managed in the same reliable manner on different container orchestration platforms in various cloud environments or a dedicated data center infrastructure.

For details, see Container orchestration platform.

6.3. Interoperability

The Digital signatures subsystem can easily be integrated with other subsystems and external systems, such as Accredited Key Certification Centers, via standard communication protocols. This ensures that the digital signatures generated by the subsystem can be verified and trusted by any recipient or third-party system, enhancing the signed documents validity and the overall reliability of the Platform.

6.4. Scalability

The Digital signatures subsystem supports both vertical and horizontal scaling.

For details on subsystem scaling, see Container orchestration platform.