Home>MeSign Document Digital Signature and Encryption Solutions

Trusted Paperless Application Solution for Education

1.Email encryption and digital signature automation solution

The education industry includes government education department, universities, primary and secondary schools, and kindergartens. There is a large number of emails need to be processed every day. These emails almost involve the confidential information of students, teachers and parents, but they are all sent by cleartext emails, which are very easy to be illegally stolen and tampered with. This is an email security problem that must be resolved as soon as possible as soon as possible.

To ensure the security and confidentiality of the email, the content of the email itself must be encrypted. To ensure the credibility of the email without being counterfeited, every outgoing email must be digitally signed. To ensure the time of the sent email is credible, every outgoing email must be timestamped.

Education organizations simply change the current email client to MeSign APP to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. If education organizations think it is not practical to change their email client, then they can deploy MeSign Mail Gateway to encrypt every outgoing email without changing email client.

And we recommend that education organizations can deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of email security. Using MeSign for end-to-end email encryption can make education organizations to truly implement mobile working and meet the high security requirements for email easily and possibly.

As shown in the following diagram on the left, in order to ensure that the encryption key is highly secure and controllable, education organization only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Education organizations can also build their own CA to issue certificate for its users instead of using the MeSign default CA. MeSign provide a plug-and-play CA device that just need to connect to internal network, and MeSign APP will get the signing certificate and encryption certificate from this in-house CA system, not from MeSign default CA.

In other words, MeSign encryption solution allows education organizations to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key and/or issue the certificate by itself even the application environment is untrustworthy.

2.E-document signing and encryption automation solution

The education industry includes government education department, universities, primary and secondary schools, and kindergartens, which issue a large number of certificates, notices, transcripts, certifications, and the internal documents signing etc. They have begun to shift to paperless, but the problem is how to ensure that these electronic documents are really issued by school, have not been impersonated, or tampered. At present, the only feasible technical solution is to digitally sign the PDF document with timestamp and send them to users using encryption.

MeSign not only provides document digital signature automation solution that can help the PDF documents that generated by the internal education systems to achieve a trusted digital signature with one click, but also provides the email signature and encryption automation solution to help the education systems to send the signed PDF document by encrypted email to students, teachers and parents, and completely make the electronic files with reliable digital signature without counterfeiting and make the delivery of electronic files more secure.

The eSigning solution for government education department is same as for government agency. For schools, as shown in the above diagram on the right, it can be a school self-built eSigning system or an eSigning system built by the government education department as a public service platform for use by all schools. Students, teachers, and parents can handle the educational affairs, online learning, and admission registration services on the e-educational service system. After completing the online forms, students, teachers, and parents can submit their signatures by hand into the e-educational system, after the processing is completed, the e-educational system calls the cloud MeSign eSigning Service system or locally calls the MeSign e-Signature System to sign the PDF file with Adobe trusted certificate. For services that do not require the user to fill in the form (such as announcement or notice), the PDF file generated on the e-educational system can be directly called the MeSign eSigning Service to complete the PDF signature.

It is recommended to encrypt all important education affairs documents. System just need to call MeSign public key certificate database (CerDB) to obtain the user's encryption certificate to encrypt the PDF file, the user can seamlessly view the encrypted PDF file by using Adobe Reader. The e-educational system sends encrypted emails to users using the user's encrypting certificate, ensuring the secure and reliable delivery of various user confidential documents. Users only need to use MeSign APP to decrypt and read the documents.

This solution has four advantages to ensure that all important documents of education industry are trusted paperless and encrypted in delivery:

  1. From the user's online application to the delivery of document, the whole process is trusted paperless and is automatically encrypted in delivery. All documents have digital signatures to prove the true identity of the issuer of the document, preventing the educational documents from being counterfeited.
  2. Not only the educational documents sent to users have Adobe global trusted digital signatures to prove their identity, but also the educational documents can be encrypted with user certificate, and only the designated users can open and read it.
  3. This solution not only provide PDF file signing and encryption, but also it provides the function to deliver encrypted email to ensure that the PDF file will not be easily stolen and tampered with during the delivery process.
  4. All signed PDF files can be stored by encrypted archives, and all files are time stamped to ensure that once all files are signed and archived, no one can modify these files. Otherwise, the signature and time stamp information will be invalidated, effectively ensuring the long-term security and credibility of the document. The timestamp signature is very useful for subsequent file inspections and audits and can ensure that the document signing behavior and the signing time is authentic, undeniable and cannot be tampered with.