DOCUMENT MANAGEMENT AND ELECTRONIC SIGNATURE

IN AN ONLINE CONTRACT SERVICE

Thomas Kwok and Thao Nguyen

IBM Research Division, Thomas J. Watson Research Center. 19 Skyline Drive, Hawthorne, NY 10532, USA

Keywords: Electronic Contract, Electronic Document, Electronic Signature.

Abstract: In this paper, we present a Web-hosted contract service application that enables small and medium-size

businesses to execute and manage contracts entirely online, such as the merging several documents to form

an electronic contract and the superimposing of users’ signing information as a watermark in a signed

contract, eliminating the need to work with paper documents. This application has found to improve

substantially the efficiency, and at the same time eliminates the potential for human error and security

breaches in the performance of electronic contract management and processing tasks.

1 INTRODUCTION

Today, contracts are created, executed and managed

via paper-based and manual processes in most

enterprises. However, managing contracts manually

can be inefficient and cumbersome because there is

no standardized processes to follow or enforce. This

approach may also lead to errors or faults with

potential risk and liability. Automation of the

contract lifecycle presents a substantial value

creation opportunity for the enterprise. This value

stems from improved productivity and security,

effectively aggregated contract information,

accelerated contract lifecycle processes, reduced

contractual errors and risk, enabled revenue forecast

and profit optimization, as well as better compliance

enforcement (McGovern, 1986). With the advent of

Internet technology and electronic commerce, there

are growing research activities and implementation

efforts on establishing and standardizing an

electronic contract management and process system.

Currently, the International Association of Contract

and Commercial Managers have listed over twenty

commercial available software products for

electronic contract management (IACCM, 2006).

Most of the research activities reported is focus on

electronic contract creation or representation

language (Tan, 2002), management (Milosevic,

2004), negotiation and collaboration (Perrin, 2004),

execution (Iwaihara, 2004), fulfillment (Xu, 2003),

performance (Daskalopulu, 2002) and data mining

(Castellanos, 2004). Nearly all of electronic

document management and process systems can

automatically execute a few document processes at

the same time according to the predefined document

flows or workflows. However, there is no study or

product focus on a Web-based electronic contract

management and process application that can

execute document processes automatically according

to a set of predefined tasks all at once without

human intervention, such as converting document

formats, merging several documents in one

document, and renumbering page numbers, as well

as adding signature information as watermark on the

signed contract document, in a secure environment.

In this paper, we address the need of these functions,

such as security issues, for a Web-hosted online

contract service application. We also describe novel

techniques used to implement these functions.

2 THE FRAMEWORK

An architectural framework for a document

management and electronic signature subsystem in a

Web-hosted online contract service application is

shown in Figure 1. The system comprises an

application server with a local or remote common

database, at least one Web-based administrator

module and many Web-based individual user

modules, a task execution engine and a set of

predefined task modules, a signature and document

360

Kwok T. and Nguyen T. (2007).

DOCUMENT MANAGEMENT AND ELECTRONIC SIGNATURE IN AN ONLINE CONTRACT SERVICE.

In Proceedings of the Second International Conference on e-Business, pages 360-363

DOI: 10.5220/0002114703600363

 SciTePress

profile module, an encryption engine and a signing

information watermark engine. All communications,

interactions and connections among administrator

and user modules, the application server, and the

remote common database go through one or more

secure wired or wireless networks. As a result, the

Web-hosted online contract service application can

enable authorized users to carry out different

document processes and sign contracts in real-time

using a Web browser without additional hardware

and software installation.

3 ADMINISTRATION MODULE

As described in Figure 2, an administrator uses the

administrator module to generate setup files for his

or her users. A setup file allows a particular user in

his or her user module to perform certain predefined

tasks on electronic contract documents. The

allowable predefined tasks that the user can perform

must be in accordance with his or her predefined

roles and security level in the system. This user-

specific setup file can also apply to a group of users

with similar roles, positions or security levels in the

system. Thus, different users or different groups of

users of different roles, positions or security levels

can perform different management and process tasks

on different types of electronic contract documents

using this system. First, an administrator selects all

the electronic contract and document types

designated for or assigned to a particular user to

manage and process. The administrator also selects

different company policies based on the user’s roles,

position and security level in the system, as well as

the selected electronic contract and document types.

The setup file generator then builds a set of

document management and process rules and a set

of security rules based on the selected company

policies. According to this set of security rules, the

administrator sets a number of passwords with

different privileges for accessing each electronic

contract document type selected. The administrator

also sets allowable predefined tasks and their

associated steps as well as security settings for the

required document types for each task with respect

to the set of management, process and security rules

generated. Finally, the setup file generator combines

all these task and security parameters and

information to construct a user-specific setup file.

Once a setup file has been generated, it is

immediately and automatically encoded with the

encryption engine. Then, the administrator sends out

an e-mail to the user to inform him or her that his or

her encoded setup file is ready for access or

download.

4 USER MODULE

Figure 3 is a block diagram showing the flow steps

of a user module. The user selects and configures a

set of necessary predefined tasks and their associated

steps required him or her to carry out on this

particular electronic contract based on the setup file.

Once the appropriate, necessary and allowable tasks

and their associated steps have been selected, the

user selects all the required electronic contract

documents for each necessary task and its associate

steps. According to the setup file, the user also

selects and configures a set of allowable security

rules. With these security rules as guidelines, the

user selects allowable security settings for each

document under each task and its associated steps.

Then, the user sets passwords with different

privileges for each electronic contract document

corresponding to its selected security settings. The

task execution engine will use these passwords to

remove or add security on electronic contract

Figure 1: An architectural framework of a document

management and electronic signature subsystem.

Figure 2: A block diagram showing the flow steps of a

Web-based administrator module.

DOCUMENT MANAGEMENT AND ELECTRONIC SIGNATURE IN AN ONLINE CONTRACT SERVICE

361

documents during the task execution. Finally, the

configure file generator constructs a task

configuration file from all selected task, security and

document related parameters.

5 SIGNING WATERMARK

This system have merged all related documents of

an electronic contract into one PDF document such

that all parties involved only need to review,

approve and sign a single electronic contract PDF

document. Then, the document and signature profile

module automatically reads and parses the type,

format and orientation of the contract document. It

also reads and parses the number of signature

blocks. For each signature block, the module reads

and parses the signature block type and the number

of signing data fields. For each signing data field,

the module reads and parses the signing data type,

the page number and page location of this signing

data field. Then, a document signing information

profile is generated based on this document and

signature information.

When a user signs an electronic contract on-line

by clicking the “I agree”, “I accept”, “Sign”, or any

similar buttons representing acceptance, the system

captures or gathered most of the required signing

information from the signer’s computer using the

URL get or post method through the Internet or

other on-line electronic processes. The system also

retrieves the rest of the required signing information

from his or her records stored in the system’s

database. The signing information comprises at least

the signer’s name, the signer’s company, and the

date or timestamp of the signing. Once a signing

data file has been generated, an encryption engine

immediately and automatically encodes it.

Whenever an incoming electronic contract requests

the superimposing of the electronic signing

information on its electronic contract PDF

document, the signing information watermark

engine implicitly calls the encryption engine to

decode the encoded signing data file in order to

parse and insert signing data entries into a temporary

signing image template according to the document

signing information profile. In addition, the engine

adjusts the page location of this signing data entry in

the template according to the page position of its

corresponding signing data field in the document

signing information profile. By doing that, the

temporary signing image template with all the

signing information can be superimposed on the

incoming electronic contract PDF document in a

manner similar to adding a watermark (Kwok,

2005). Finally, secure protections from alternations

or modifications are added on the signed electronic

contract PDF document with the signing information

watermark to ensure that its contents and signing

data entries cannot be altered or modified.

6 TASK EXECUTION ENIGNE

As illustrated in Figure 5, the task execution engine

starts to retrieve a particular encoded user-specific

setup file from the local or remote common

database. It calls the encryption engine implicitly

and automatically to decode the encoded security

parameters in the encoded setup file. Once, the

security parameters have been properly decoded, it

proceeds to retrieve and decode the encoded

passwords with different privileges for each

electronic contract document type from the database.

Similarly, the task executing engine also retrieves

and decodes a particular encoded user-specific task

configuration file corresponding to the management

Figure 3: A block diagram showing the flow steps of a

Web-

ased user module.

Figure 4: A schematic diagram illustrating the

erim

osin

of user si

nin

data as a watermar

ICE-B 2007 - International Conference on e-Business

362

and process of a particular electronic contract

designed for or assigned to the user. Once, the task

and document parameters have been properly

decoded, the engine attempts to retrieve all the

required documents for processing from the

database. Then the task execution engine proceeds to

create a temporary empty document. The task

execution engine calls a set of predefined task

modules implicitly and automatically to retrieve all

the necessary predefined tasks and their allowable

steps, as well as execution instructions for each

predefined task and its associated steps. The task

execution engine carries out all the execution

instructions on the required documents for each

necessary task. Once all the necessary tasks have

been executed, the task execution engine restores the

security settings as necessary for all documents.

Finally, the task execution engine adds security

settings with password on the resulting temporary

document according to the parsed security

parameters from the setup file.

7 CONCLUSIONS

This document management and electronic signature

subsystem enables a user to manage and process

electronic contract documents with predefined tasks

and their associated steps in an automated and

secure environment. This system also provides an

automated and efficient way for a user to

superimpose the electronic signing information as a

watermark on a signed electronic contract PDF

document in a secure environment. This Web-hosted

online contract service application has enable small

and medium-size businesses to execute and manage

contracts entirely online, eliminating the need to

work with paper documents. Some of the features

and functions of this document management and

electronic signature system have been implemented

in the Web-hosted online contract service

application used in IBM. It has found to reduce the

time it takes to complete contracts from days to

minutes, driving down processing costs and

increasing productivity with anytime, anywhere

access to contracts.

REFERENCES

Castellanos, M., Dayal, U., 2004. FACTS: an approach to

unearth legacy contracts, in Proc. of 1st IEEE Int’l

Workshop on Electronic Contracting, pages 40-45.

Daskalopulu, A., Maibaum, T., 2002. Towards electronic

contract performance, in Proc .of 12th Int’l Workshop

on Database and Expert Systems Applications., pages

771-777.

International Association of Contract and Commercial

Managers (IACCM), 2006. http://www.iaccm.com.

Iwaihara, M., Jiang, H., Kambayashi, Y., 2004. An

integrated system for supporting problem solution in

e-contract execution, in Proc. of 1st IEEE Int’l

Workshop on Electronic Contracting, pages 9-16.

Kwok, T., Nguyen. T., 2005. An Automatic Electronic

Contract Document Signing System in a Secure

Environment, in Proc. of 7th IEEE Int’l Conf. on e-

Commerce Technology, IEEE Computer Society,

pages 497-502.

McGovern, W.M., Lawrence, L., 1986. Contracts and

Sales: Cases and Problems, Matthew Bender.

Milosevic, Z., Gibson, S., Linington, P.F., Cole J.,

Kulkarni, S., 2004. On design and implementation of a

contract monitoring facility, in Proc. of 1st IEEE Int’l

Workshop on Electronic Contracting, pages 62-71.

Perrin, O., Godart, C., 2004. An approach to implement

contracts as trusted intermediaries, in Proc. of 1st

IEEE Int’l Workshop on Electronic Contracting, pages

71-78.

Tan, Y-H., Thoen, W., 2002. DocLog: an electronic

contract representation language, in Proc. of 35th

Annual Hawaii Int’l Conf. on System Sciences, pages

2198-2206.

Xu, L., 2003. Monitorable electronic contract, in Proc. of

IEEE Int’l Conf. on E-Commerce, pages 92-99.

Figure 5: A flow diagram illustrating the algorithm of a

task execution en

ine.

DOCUMENT MANAGEMENT AND ELECTRONIC SIGNATURE IN AN ONLINE CONTRACT SERVICE

363