Home >> Technical Notes
Technical Notes
FlowMind - WorkFlow / BPM Engine Print E-mail

All the components of the architecture run on a single Java Virtual Machine (JVM).

ISO 9000 Print E-mail

The 2000 version of the ISO 9000 standard recommends a process approach. Process automation is fully in line with the PDCA (Plan/Do/Check/Act) approach defined in this standard.

Digital signatures Print E-mail

An electronic document may be signed by a procedure known as digital signature, which is equivalent to a handwritten signature for a paper document.

In the same way as handwritten signatures, digital signatures are used to identify the author/co-signatories of an e-mail or any other electronic document, for example : information entered during the handling of a task in a process.

Digital signatures are created and checked using digital certificates.

Digital signatures can provide the following functionnalities : authentication, confidentiality & data integrity and non-repudiation.

What does "integrity" and "confidentiality" of information contained in a digitally signed task mean?

The digital signature protects the integrity of the information – this means that the information contained in the signed task has not been altered, whether voluntarily or involuntarily, since its signature. From a technical point of view, the digital signature contains the digital print of the entire message which has been signed. Any modification made to this document after signing invalidates this print.

What does "non-repudiation" of the information of a digitally signed task mean?

Process information can be modified only if it has been authorised and planned for in the process definition. In this context, non-repudiation is ensured by the structure of the process.

The digital signature reinforces non-repudiation : the signatory of the task proves his or her identity. Non-repudiation makes it possible, at a later date, to establish who participated in a transaction – the participant is unable to deny having processed the task. In simple terms, non-repudiation means that information cannot be rejected, in the same way as for handwritten signatures.

Implementation of digital signature with FlowMind ?

  • Players have a digital certification (digital file, smartcard, USB token). The certificate is established by a third party company if legal value is required for use outside the company, or is managed internally by the company (the company itself issues its staff members certificates used for processes).

  • When processing the task, a dialogue box (Java applet) enables the participant to choose the certificate used to sign the task.

  • Then, FlowMind generates the signature, which contains : the data file to sign (the task and all its information), the certificate and the signature data. This document constitutes the encrypted document.

  • FlowMind stores this encrypted document. It may then use it to manage the non-repudiation of data. Signature mechanisms/Java cryptography permit the decryption of a signature to check the exactitude of the data (this task was carried out by participant X and the information contained has not been altered).

Public Key Infrastructure - PKI Print E-mail

A Public Key Infrastructure (PKI) may be used to authenticate a users and a system. The system presents itself to a user with a certificate and the user presents their own certificate in return. 

PKI ensures the security of exchanges through encryption and hash coding. PKI may also be used to manage a digital signature system.

FlowMind provides a simple authentication system based on a login and password. 

However FlowMind can be combined with an authentication system such as PKI or certificates. 

FlowGate also supports the SSL protocol.


Page 4 of 6