HR4RS stamp
Newsroom
The Rey Juan Carlos University (URJC), after the studies carried out, has just started a pilot project in two degrees (Cybersecurity Engineering and Industrial Technology Engineering) to implement a protocol with a double signature authentication factor for the qualification of proceedings. This system will be definitively implemented for the 2019/2020 academic year.
In this first step, there will be the collaboration of 26 professors who teach in these two grades, one more familiar with computer applications and the other less expert in the matter, who have been given a training session to apply the double signature authentication for the minutes derived from the December exams. Between the two grades there are 344 students that translate into the same number of minutes.
This is one of the measures that the rector, Javier Ramos, announced would be implemented during this academic year as part of the compliance program to establish internal prevention, management and control mechanisms, among other good practice procedures. These mechanisms also include a new inspection, management and control regulation and the elaboration of an ethical code for the University.
Mechanism similar to that of the Tax Agency
This new protocol wants to guarantee the principles of authenticity, integrity and traceability, that is to say that from the moment the document is generated until it reaches its end, it is known at all times who has acted on it while its integrity is guaranteed, everything this through the use of qualified digital certificates.
This new system is especially aimed at the processes of signing and modifying minutes in which an electronic signature mechanism will be implemented, with a second authentication factor in the identification process, that is, in addition to each teacher using their user and university password, and a qualified digital certificate, you will need an additional means of proof of your identity.
The system that the URJC will implement will use an authentication mechanism through electronic certificates similar to the one that can be used with the tax agency. In this case, teachers are registered with a certifying entity together with their DNI to obtain their electronic public employee certificates and guarantee their identity during the signing of minutes.
In case of having to make a modification of a record due to an error, the system will save both the original note, its author and date of introduction, as well as the modification, along with its authorship and time of change, guaranteeing the traceability of the process.
Maximum legal certainty for the process
Electronic signature systems, together with a double authentication factor, extend the security of personal passwords not only in the identification process but also in the integrity of administrative actions and in the documents they produce.
Within the usability options that have been studied for the massive implementation of electronic certificates, work is being done with a centralized solution in the cloud through a hardware security module (HSM), which simplifies the process of installing and using said certificates by the teachers. The introduction to the entire university, which has almost 2.000 professors, is a milestone in the Spanish university system.
In addition, the URJC is reviewing some thirty essential procedures in academic management and is establishing, where required, the necessary mechanisms to improve them and make them more efficient. Said changes will be aimed at facilitating its adaptation, in the future, to the processes and requirements of electronic administration.