Parsons Brinckerhoff
Worldwide LocationsContact PBLegal NoticeSite MapHome
PB Websites search Advanced Search
MarketsServicesAbout UsPeople and CareersNews and EventsResearch LibraryProjects
PB Network Email This Page
Go To Other Issues | Contact PB Network | Print This Article 
<< Go To Previous Article | Table Of Contents | Go To Next Article >>
Power Engineering
November 2000 • Issue No. 48 • Volume XV • Number 3
Better Business Through Technology
Expect to be Using E-signatures Before Long
By Mark J. Cipolloni, Princeton, New Jersey, 1-609-734-7006, cipolloni@pbworld.com
In a continuing series of articles about how technology can improve PB's business, Mark discusses electronic signatures and how we might be using them at PB someday soon.
The Electronic Signatures in Global and National Commerce Act, signed by President Clinton on June 30, 2000, will likely have far-reaching effects in our industry. In essence, this act gives electronic signatures the same legal status as those written on paper in ink.

Although e-signatures are already legal in most states, differences in what constitutes a legal e-signature in each state have kept industries from supporting them. Now, that all may have changed.

What Constitutes an E-signature?

In reality you have probably already used an e-signature of some sort. An e-signature is whatever two entities agree it is. The act states: "The signature may be an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record."

Since you log onto your e-mail account with a password known only by you, your signature at the end of the e-mail is legally one type of e-signature. Another example would be a PIN number that you are asked to provide after placing an order or when using an automatic teller machine. By the fact that you inserted your card, which has your identity embedded, and entered your PIN, the bank can be confident that you are who you say you are. A third example is a digitized image of your actual handwritten signature that is somehow embedded into the electronic document.

The above three examples are the simplest forms of e-signatures in use today. When it comes to affixing your e-signature to an engineering drawing, whereby you are held liable for the engineering contained on that document, a much more sophisticated means is required, especially since any number of people may have access to a CADD drawing that could be altered and reprinted after you have approved it. More on this later.

E-Commerce has Increased the Need for E-security

The explosion of the Internet and the ability to purchase goods and services online (i.e., e-commerce) have been the two major changes that have led to the need to ensure a customer's identity. In turn, customers wants to be certain that no one else can use their credit cards or other personal or confidential information.

In person-to-person transactions, security is based on physical cues. Consumers have come to accept the risks of using credit cards in places like department stores because they can see and touch the merchandise and make judgments about the store. On the Internet, without those physical cues it is much more difficult to assess the safety of a business. Also, serious security threats have emerged that have led to electronic security measures, including digital certificates, encryption and smart cards.

Digital Certificates. In today's business world, many transactions are made via the Web and the concept of digital certificates has become an integral part of most security policies. Digital certificates are electronic credentials that identify parties over the Internet and enable certifiable digital signatures for online transactions and communications.

Recently the Commonwealth of Pennsylvania selected VeriSign to provide managed digital certificate services to enhance the security of its online Justice Network (JNET) criminal records application. Leveraging VeriSign's services, the Commonwealth will issue digital certificates to authenticate authorized state, county and local government officials who access offender records and other criminal justice information over the Internet. This move enables participating agencies to access electronic information securely, thereby reducing errors in data keeping and decreasing the costs of managing criminal records. I present this example because soon our clients may be accessing our engineering documents via the Internet!

Encryption. Online banking is an industry that has become very popular and, because it involves people's bank accounts, the need for a higher level of security is required. The software, such as MS Money or Quicken, uses encryption technology not only to identify you, but also to ensure that someone else doesn't intercept your transmission and steal your vital information.

Smart Cards. Recently, Steve Ballmer, Microsoft's CEO, predicted that in 18 months all new PCs would contain a slot whereby you would insert your personal smart card to identify who you are. A smart card is the size of a credit card, only slightly thicker. They are read/write cards that contain all your vital information. When you sit down at a PC you would insert the card, be prompted for a PIN or some other form of identification, and that identification would be used for all transactions from that PC until you removed your card.

Engineering Drawings and E-Signatures

State boards that oversee the issuance of professional engineering licenses are struggling with the issue of electronic signatures on engineering drawings. Some plan sets contain hundreds of drawings. By law, each must be plotted on mylar or some other reproducible material and signed and sealed by the licensed professional engineer responsible for each. Because most engineering drawings are now produced using CADD, some engineers would like to be able to sign the drawings electronically after they have reviewed and approved them.

However, if the electronic file is turned over to the client, how is the professional engineer assured that no one alters the drawing after it leaves his or her office? Of course the same could have been said years ago for ink on mylar drawings-what was to prevent someone from making changes to the mylar? The problem exists in both cases, but CADD makes it a little easier to make such changes and harder to trace them.

To protect the engineer, in the future we will see digitized signatures that are linked to mathematical algorithms that verify the authenticity of a drawing. If someone were to change the drawing after "e-signing," the signature would be broken and rendered invalid.

Conclusion

In summary, there are many different types of electronic security methods either already in place or evolving. In the future, expect to be using them daily, both at work and at home. They will go a long way in saving you time and preventing inconvenience. More importantly, do your best to understand the basics of the technology to put your mind at ease that your vital information is secure.
Mark Cipolloni is a project manager for high-tech projects in the Princeton, New Jersey office. He has been with the firm for almost 21 years and has been one of the strongest proponents of the computerization of PB over the last 10 years. In addition to his project assignments, Mark serves as Manager of Computer Technology Standards and Applications under the Office of Professional Practice (OPP).
<< Go To Previous Article | Table Of Contents | Go To Next Article >>
Go To Other Issues | Contact PB Network | Print This Article 
Markets  |  Services  |  About Us  |  People + Careers  |  News + Events  |  Research Library  |  Projects
Worldwide Locations  |  Contact PB  |  Legal Notice  |  Site Map  |  Home
© Parsons Brinckerhoff