A-SIT demonstrates achieved results by working on qualified confirmations and it creates reliable technical certificates for marketed cryptographic products, security methodologies and organizational procedures for many years. Proven scientific methods, looking back to many years of practical experience and delivering a large number of successfully implemented projects in the IT security domain, build the baseline for these valuable tasks at A-SIT.
The results our customers get. In particular, the analysis and the assessment of applied security concepts and installed solutions in the area of qualified electronic signatures are relevant. Additionally, A-SIT issues official and as a consequence legally valid certificates for Qualified Signature and Seal Creation Devices (QSCD).
A-SIT confirms the fulfilment of both the legal requirements as well as the technical specifications for products, individual components and procedures to derive qualified electronic signatures w.r.t. the current state of the art.
Your added value. The evaluations explained are instrumental to obtain the trustworthiness of digital signature products achieved by the legal validity in terms of a handwritten signature (e.g. on paper). This demonstrates a vital requirement. The implementation of this targeted requirement has been achieved and it thus became reality with the introduction of qualified electronic signatures. It constantly constructs new requirements. Moreover, it enables to gain advantages of the opportunities offered and develop profitable business areas to create an innovative and strong Austrian business location.
Essential tasks and responsibilities of the confirmation body at A-SIT are:
- eIDAS-Confirmations. Create and issue QSCD-certifications pursuant to Art. 30 para 1 eIDAS (Nr. 910/2014) (such certifications are no accredited conformity assessment)
- RTR-Support. Development solutions for the supervisory authority (Telekom-Control-Commission & Broadcasting and Telecom Regulierungs-GmbH – RTR) to answer technical questions (e.g. under SVG §12 (3) etc.)
- Technology-Monitoring. Research and continuous observation of technological evolution in terms of technical components installed and organizational processes applied
Strengthen your confidence. Consumers rely on the accomplished security levels when applying cryptographic products. This holds particularly in the domain of electronic signatures. As a result, it concerns the algorithms applied, the methods engineered and the techniques developed. In order to systematically dissolve the associated complexity of such a topic, both conducted reviews and continuous monitoring of compliance measures are outlined by appropriate legal bases. To gather more details, relevant legal bases include, for instance:
- eIDAS. REGULATION (EU) Nr. 910/2014
- Technical Requirements. COMMISSION IMPLEMENTING DECISION (EU) 2016/650
A-SIT as a qualified partner to deliver. The inspections are conducted by eligible experts at A-SIT. A substantial subset of this diagnoses are accomplished by A-SIT as an Austrian confirmation body (Federal Ordinance BGBl II 2000/31). Furthermore, A-SIT is listed as a notified confirmation body of the European Commission, officially.
Obtain operating conditions and optimizations. A-SIT derives particular recommendations to improve technical and organizational operating conditions for TSPs. A-SIT activates the permanent improvement of security levels. Moreover, A-SIT detects gaps or identifies adjustments and amendments of the technical regulations in the field of cryptographic algorithms as well as in the subject of associated cryptographic parameters (e.g. reliable key lengths etc.).
International cooperation and evolution. A-SIT contributes to initiatives both in terms of international electronic signature topics and in terms of cryptography concerns. Such efforts produce results in the European Electronic Signature Standardization Initiative, CEN / ISSS, OECD and the Council of Europe.