Chartered by the Spanish Ministry of Public Works, the Colegio de Ingenieros de Caminos, Canales, y Puertos (CICCP) is the official civil engineering organisation of certified engineers working throughout Spain.
With over 20,000 affiliated engineers, CICCP members are responsible for planning, designing, reviewing building, and approving the public works plans and specifications for Spain’s public infrastructure. In keeping with its mission of ensuring safe and secure transportation, communications, energy, and port construction, CICCP chose HID Global as a key partner for securing the foundation of their smart card-based ID card and business process improvement project.
Electronic public works approval process
CICCP needed to provide its member engineers with an efficient and secure digital signature solution to expedite the approval process for public works projects throughout the 19 provinces of Spain – covering more than 20 million plan reviews per year.
The previous system of paper-based plan review cycles and signing of physical blueprints had proven to be cumbersome and time-consuming. In addition, document management and archiving of hardcopy records required massive amounts of space to store over 25 years of historic project plans. A nine-kilometre railway project would, for example, on average require storage of five large archiving boxes.
Digital identity technology
These challenges presented an opportunity to leverage the latest digital identity technology advances to expedite a core business function. With recent government recognition of digital certificates and PKI solutions as legally binding signatures, CICCP decided to invest in smart card-based digital signature solutions to reduce cost, improve the work experience of their members and to provide more responsive service for the Spanish population.
CICCP needed to provide its member engineers with an efficient and secure digital signature solution |
The decision to move to the combination of smart cards, PDF image capture, and electronic archiving of plans enabled a dramatic reduction in time and resource expenditure. In fact, CICCP anticipates that its initial technology investment of $1.2 million will result in a savings of over $90 million over a one-year period.
Signed PDF capability
Consider, for example, a bridge project that in the past would have required 12 copies of blueprints at an average cost of $10,000 each. All 8,000 pages of that plan required a separate signature and physical stamp from the CICCP-certified engineer.
With HID Global’s smart card client software solution and the U-Sign PDF signing solution developed by HID Global’s channel partner, ipsCA, the approval process is documented via an x.509 standard digital signature which is embedded with PDF documents condensed into a two-gigabyte file on CD or DVD. As a result of this Adobe integration, the Acrobat file can be signed more than once by the multiple parties involved in the sign-off process to reflect status at each step in the plan review. Each signature is associated with a specific version of the document that represents the state of the plan when signed by that respective person.
By storing the private key within the secure cryptographic environment of the smart card chip, the organisation gains the three benefits of HID Global’s ActivClient of increased security, since the user’s private keys for digital signature are stored on the smart card; non-repudiation for legal approval and validity; as well as mobility of the digital signature credentials in the form factor of the smart card.
With HID Global's smart card client software solution, the blueprint approval process is documented via digital signature |
ipsCA integrated the solution for CICCP – including the PKI infrastructure based on Microsoft 2000 CA. They developed a digital signature plug-in “U-Sign PDF” based on certificate technology for Adobe Acrobat software, that interfaces transparently with HID Global’s ActivClient. The plug-in U-Sign PDF extends Adobe Acrobat digital signature capabilities with CRL, OCSP, VA validation and Time Stamping – making electronic documents legally valid and binding.
Smart card-based badge
For the full deployment stage, all 20,000 CICCP engineers will be issued a photo ID smart card that serves as their membership badge and stores their individual digital certificate private keys. The cardholder then installs HID Global’s ActivCient smart card middleware on his / her PC to handle the secure communication for the PKI transaction.
Emilio Marin, CTO, Colegio De Ingenieros De Caminos, Canales, y Puertos, said: “We’re a non-profit organisation with members dispersed across a large geographic area, and using a diversity of computing platforms. HID Global’s ActivClient was the only solution that would allow us to deploy a uniform smart card software and digital signature solution that works across the IT infrastructure of our 20,000 CICCP members – regardless of whether they do their work on Microsoft Windows, Mac OSX, Linux, or Sun Solaris. HID Global’s ease of installation and convenience enabled us to deploy quickly and efficiently to thousands of users.”