Buy Digital ID for Secure Email and CAD Drawings

The text below is taken from one of the Digital ID providers to assist your migration to Digital IDs for CAD drawings. These certificates should not cost more than $20.00 USD for 1 year.

Digital IDs for Secure Email allow you to digitally sign and encrypt your digital communications using a certificate, bound to your validated email address. Recipients of your email will know that the content came from your email address and has remained private during transmission.

Key Features

  • Signed Emails: Symantec Digital IDs can be used to digitally sign emails. Many email applications, such as Microsoft Outlook, display a red ribbon icon on the email to inform your recipient that the email came from you.
  • Encrypted Emails: Symantec Digital IDs can also be used to encrypt emails to protect the email content in transit. Many email applications, such as Microsoft Outlook, display a blue envelope icon on the email to inform your recipient that the email is encrypted. Only your recipient can open your email.
  • General Signature & Encryption: Symantec Digital IDs can be used in many popular applications with digital signature and/or encryption features. For example, Microsoft Word allows you to digitally sign Word documents with your Symantec Digital ID. PKWare enables you to encrypt zip files with your Symantec Digital ID.

Key Benefits

  • Trust: Symantec Digital IDs chain to Symantec Class 1 Primary Certificate Authority (PCA) which has been distributed to major software and hardware vendors. Because of this ubiquity, Symantec Digital IDs are automatically trusted by popular applications including web browsers, email clients, etc.
  • Native Support: Symantec Digital IDs comply with Secure/Multipurpose Internet Mail Extensions (S/MIME) standards. Many email applications including Microsoft Outlook, Mozilla Thunderbird, and Lotus Notes Mail natively support S/MIME and work seamlessly with Symantec Digital IDs.

Here is a link to a video on which product to purchase at Verisign (now Symantec), one of the providers: http://youtu.be/NnEh0CXmobw

To Import a Certificate

  1. Open the Certificates console for the user, computer, or service you want to manage.
  2. Select a certificate store for the certificate type you want to import. For example, you might select the Personal store under Certificates (Local Computer).
  3. On the Action menu, point to All Tasks and then click Import to start the Certificate Import Wizard.
  4. Type the file name containing the certificate to be imported. (You can also click Browse and navigate to the file.)
  5. If it is a PKCS #12 file, do the following:
    • Type the password used to encrypt the private key.
    • (Optional) If you want to be able to use strong private key protection, select the Enable strong private key protection check box. Enabling strong private key protection will ensure that you are prompted for a password every time the private key is used. This is useful if you want to make sure that the private key is not used without your knowledge.
    • (Optional) If you want to back up or transport your keys at a later time, select the Mark key as exportable check box.
  6. Do one of the following:
    • If the certificate should be automatically placed in a certificate store based on the type of certificate, click Automatically select the certificate store based on the type of certificate.
    • If you want to specify where the certificate is stored, select Place all certificates in the following store, click Browse, and choose the certificate store to use.

This information was obtained from the following Microsoft link: http://technet.microsoft.com/en-us/library/cc776889(v=ws.10).aspx

Protect CAD (Round Trip)

I once thought the hard copy or electronic CAD file in my records was the original drawing. If emailed to a client, it turns out this notion would not hold up in a court of law. Drawings that are emailed are sent to the cloud, a cluster of computers, and move from computer to computer before they reach the end user. At any point along the trip, the drawing can be changed, and the point of this example is verifiable, repeatable evidence that the drawing has not changed. The end user expects they hold an exact copy of the original CAD file. How do you know they have the same file as the one you sent as the email attachment? Well, it turns out you have a few methods to solve this dilemma. Two are discussed here: signing your drawing with a Digital Certificate, and Password Protect with hash comparison.

I sign my drawings with a Digital Certificate, which has a digital fingerprint unique to me and my personal email address. If the drawing is changed and emailed back to me, I will be able to verify the drawing has changed. This process is done for me and is built into AutoCAD. The other method (Password Protect) requires more than a password to verify your drawing. Since passwords may be compromised, there needs to be a secondary method to verify the state of the drawing. Before sending the drawing to your client, use hash algorithm software, such as that in AEC Signature, to record the hash code of the drawing in a separate text file. Remember, when using any hash algorithm software, the CAD drawing must be closed, or at a minimum, the software must copy the drawing to a temporary directory (to allow a full read) to return an accurate hash value.

In summary, you can use a Digital Certificate to verify the round trip state of your drawing. This is common practice with other file types. The second method would be to use a password to protect the document, along with the hash code of the document stored in a safe place before you send the files to your client.

Protect CAD Documents

With Autodesk products, there are two methods used for protecting a drawing: a Digital Certificate, or Password Protect for your document. We will give you a short description of each and describe how a Hash Code can help determine if a drawing is valid.

Digital Certificates

You may purchase a standard (Person Not Validated) Certificate from Verisign for $20 USD. This validates the user by email only. For other, stricter certificates, the provider will call and verify the business information. Once you have downloaded a certificate, it will have a Private Key that you will choose when creating the certificate. To install this certificate with a Private Key (PK), you will be prompted to enter it to install on your local machine. If you only need the Public Certificate (without PK), you can export this with Internet Explorer, under Certificates. You may distribute the Public Key to any user along with your CAD file that has been signed with your installed PK Certificate. If you do not send the Public Key Certificate for the user to install, they will not see the Valid Signature dialog box for the drawing.

To use a Digital Certificate, do the following steps:

1. Purchase a Digital Certificate. You will create a PK, which is stored inside the Certificate.

2. Install the Digital Certificate on your local machine for strong PK signing of CAD drawings.

3. Either use the Autodesk Certificate dialog under “Security Options” or use AEC Signature to sign your drawing.

4. Distribute your Public Key Certificate (it must be exported; see http://youtu.be/r6mhVkZIdnI). This does not have a password attached, so the user can click to install.

As a result, the end user can’t change the certificate on the drawing, but will be notified if they change it on their end.

Password Protect

Under Security Options in AutoCAD, select Password Protect Document, and enter your password. This will force the user to enter a password to open the drawing. Note that you CANNOT use Certificates and Password Protect at the same time. It’s either/or! With AEC Signature, you can password protect the document and generate a report.

Hash Code

Hashes, Checksums or Cyclic Redundancy Checks (CRC) are used on CLOSED files with read access to generate a hash code to compare with the original file to determine if there have been any changes. If the codes are not equal, then the file has changed. AEC Signature uses the following hash algorithms: MD5, SHA1, SHA256, SHA384, SHA512.

If you have an open CAD file, the file access is partially locked, so hash software cannot complete the read. That is why we write out a copy of your drawing in AEC Signature. We can then perform a read to generate a public key report.
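The hash comparison described here and in the round-trip section above can be sketched as follows. This is an added example, not AEC Signature's code: the function names, the JSON record layout and the file names are assumptions, and it uses only SHA-256 and SHA-512 from the listed algorithms because MD5 and SHA-1 have known collision attacks.

```python
import hashlib
import hmac
import json
import shutil
import tempfile
from pathlib import Path

ALGORITHMS = ("sha256", "sha512")  # assumption: MD5/SHA-1 left out (known collisions)

def hash_drawing(path, algorithms=ALGORITHMS):
    """Copy the drawing to a temporary directory, then hash the copy in chunks."""
    with tempfile.TemporaryDirectory() as tmp:
        copy = Path(shutil.copy2(path, tmp))  # hash a private copy, as the page describes
        hashers = {name: hashlib.new(name) for name in algorithms}
        with copy.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                for h in hashers.values():
                    h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def record_hashes(drawing, record_file):
    """Write the hash codes to a separate text file, to be kept apart from the drawing."""
    record = {"file": Path(drawing).name, "hashes": hash_drawing(drawing)}
    Path(record_file).write_text(json.dumps(record, indent=2))
    return record

def verify_round_trip(returned_drawing, record_file):
    """Return the algorithms whose digest no longer matches (empty list = unchanged)."""
    record = json.loads(Path(record_file).read_text())
    current = hash_drawing(returned_drawing, tuple(record["hashes"]))
    return [name for name, expected in record["hashes"].items()
            if not hmac.compare_digest(expected, current[name])]

def demo():
    """Constructed sample: a stand-in drawing, then a one-bit change on the way back."""
    with tempfile.TemporaryDirectory() as work:
        work = Path(work)
        original = work / "site-plan.dwg"              # hypothetical file name
        original.write_bytes(b"AC1027" + bytes(4096))  # constructed bytes, not a real DWG
        record_file = work / "site-plan.hashes.json"
        record_hashes(original, record_file)
        unchanged = verify_round_trip(original, record_file)
        data = bytearray(original.read_bytes())
        data[100] ^= 0x01                              # flip one bit "in transit"
        returned = work / "site-plan-returned.dwg"
        returned.write_bytes(bytes(data))
        return unchanged, verify_round_trip(returned, record_file)

if __name__ == "__main__":
    print(demo())
```

The record file is only useful as evidence if it is stored where the recipient of the drawing cannot alter it; a matching hash shows the bytes are identical, not who produced them.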

 

AEC Signature 2013 Road Map

In the 2012 version, we incorporated the Professional Reports, Time Tracking, and a new UI look, which we will keep as we move forward. In this version, AEC Signature 2013, we hope to include the enhancements listed below.

1. The ability to insert a Bar Code and QR Code Block into your drawing.

2. Professional Seal Maker. Make a conforming seal that works with the software automatically.

3. Future work that will override and augment the security settings in the AutoCAD file. These will support Military Classifications of Security with CAD drawings. More on this as these features are implemented.

4. Object Export Filters. The ability to export only selected drawing features. More on this as these features are implemented.

We will always keep the AEC Signature software FREE to Autodesk users. However, the high-level, granular security settings will not be included with the FREE version. There will be a vetting process, which may take up to a year. After that, these are Commercial and Military grade settings, and, if needed, will be an additional purchase to activate the base software. then may justify the cost of a purchased license.

Keep checking this site for progress on these changes. You will be able to download these directly from our site, and only replace the DLLs in the folders. Since there are no licensing restrictions, the updates will be an easy transition.

AEC Signature 2013 for AutoCAD

AEC Signature® 2013 for AutoCAD and its vertical products is available online. A few of the compatible products are as follows: Civil 3D, Map 3D, and others. Visit http://apps.exchange.autodesk.com to view similar products.

AEC Signature has been Trademarked

The mark identified above has been published in the Trademark Official Gazette (TMOG) on Oct 23, 2012.

To View the Mark in the TMOG:

Click on the following link or paste the URL into an internet browser: http://www.uspto.gov/web/trademarks/tmog/20121023_OG.pdf#page=00000502.

AEC Signature 2012 CRC Validation Video

Tutorial: AEC Signature 2012 CRC Validation http://youtu.be/-p98AU6CROw

AEC Signature 2012 and 2013 Versions

AEC Signature 2012 Overview: Electronically seal, embed and encrypt professional licensure information inside an AutoCAD database. The RealDWG toolkit enables you to share design data with confidence using the native DWG format, so you can create applications with 100 percent DWG read/write capability. Deliver your products with the latest DWG technology available from Autodesk. The program outputs a private key file for personal use, and a public key file for distribution to the client. Use the output files to compare for changes in the drawing. This is a stand-alone application, which does not require an Autodesk product to be installed to read and write drawing files. An excellent tool for distributing AutoCAD files electronically while embedding security information of the author or professional.

AEC Signature 2012 Overview Tutorial

Follow this link to view the tutorial and latest improvements: http://youtu.be/3AYKfYINen0