iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST ISO 17068:2018

Information and documentation - Trusted third party repository for digital records

Information and documentation - Trusted third party repository for digital records

ISO 17068:2017 specifies requirements for a trusted third party repository (TTPR) to support the authorized custody service in order to safeguard provable integrity and authenticity of clients' digital records and serve as a source of reliable evidence.
ISO 17068:2017 is applicable to retention or repository services for digital records as a source of evidence during the retention periods of legal obligation in both the private and the public sectors.
ISO 17068:2017 has the limitation that the authorized custody of the stored records is between only the TTPR and the client.

Information et documentation -- Référentiel tiers de confiance pour les enregistrements électroniques

Informatika in dokumentacija - Repozitorij za digitalne zapise zaupanja vredne tretje strani

Ta dokument določa zahteve za repozitorij za digitalne zapise zaupanja vredne tretje strani (TTPR), ki so v pomoč storitvi pooblaščenega skrbništva, pri čemer varujejo dokazljivo neoporečnost in pristnost digitalnih zapisov strank, ter se uporabljajo kot vir zanesljivih dokazov.
Ta dokument se uporablja za storitve shranjevanja ali repozitorija digitalnih zapisov kot vir dokazov med obdobjem hrambe na podlagi pravnih zahtev v zasebnem in javnem sektorju.
Ta dokument je omejen s tem, da pooblaščeno skrbništvo nad shranjenimi zapisi urejata samo repozitorij za digitalne zapise zaupanja vredne tretje strani in stranka.

General Information

Status
Published
Publication Date
04-Sep-2018
ICS
01.140.20 - Information sciences
Technical Committee
IDT - Information, documentation, language and terminology
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
27-Jul-2018
Due Date
01-Oct-2018
Completion Date
05-Sep-2018
Ref Project
ISO 17068:2017 - Information and documentation — Trusted third party repository for digital records

Relations

Replaces
SIST-TP ISO/TR 17068:2013 - Information and documentation - Trusted third party repository for digital records
Effective Date
01-Sep-2018

Buy Standard

ISO 17068:2018ISO 17068:2018
PreviousNext
Standard
ISO 17068:2018
English language
39 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
ISO 17068:2017 - Information and documentation -- Trusted third party repository for digital recordsISO 17068:2017 - Information and documentation -- Trusted third party repository for digital records
PreviousNext
Standard
ISO 17068:2017 - Information and documentation -- Trusted third party repository for digital records
English language
33 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


SLOVENSKI STANDARD
01-oktober-2018
1DGRPHãþD
SIST-TP ISO/TR 17068:2013
Informatika in dokumentacija - Repozitorij za digitalne zapise zaupanja vredne
tretje strani
Information and documentation - Trusted third party repository for digital records
Information et documentation -- Référentiel tiers de confiance pour les enregistrements
électroniques
Ta slovenski standard je istoveten z: ISO 17068:2017
ICS:
01.140.20 Informacijske vede Information sciences
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

INTERNATIONAL ISO
STANDARD 17068
First edition
2017-10
Information and documentation —
Trusted third party repository for
digital records
Information et documentation — Référentiel tiers de confiance pour
les documents d’activité électroniques
Reference number
©
ISO 2017
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Overview of a TTPR . 3
4.1 Necessity for a TTPR . 3
4.2 Requirements for TTPR trustworthiness . 4
4.3 TTPR components . 5
4.4 Characteristics of a TTPR . 6
5 TTPR services . 7
5.1 General . 7
5.2 Service procedure . 7
5.3 TTPR service agreements . 7
5.3.1 Service level agreement (SLA) . 7
5.3.2 Service agreement items . 8
5.4 TTPR subservices .10
5.4.1 General.10
5.4.2 Acquisition service .11
5.4.3 Repository service .12
5.4.4 Access and use of service .12
5.4.5 Issuance service .13
5.4.6 Conversion service .14
5.4.7 Delivery and/or migration service .14
5.4.8 Disposal service .15
5.4.9 TTPR certification service .16
5.4.10 Non-repository certification service (Remote Certification Service) .18
6 Technological requirements .19
6.1 General .19
6.2 Digital record repository .20
6.3 Transmitter–receiver .20
6.4 Network system .20
6.5 Time-stamping .20
6.6 Audit trail .21
6.7 Network security system .21
6.8 Access control equipment .21
6.9 Disaster recovery facility .22
6.10 System for certificate issuance and validation of digital records .22
6.11 Backup system .23
7 Operational requirements .23
7.1 General .23
7.2 Client management .24
7.3 Administrator’s role and authority management .24
7.4 Network and security management .25
7.5 Digital records management .25
7.6 Operation of transmitted and received messages .28
7.7 Audit record .29
7.8 Data backup and recovery .29
7.9 Security management .30
7.10 Migration and receipt management .30
7.11 Client system management .31
Bibliography .33
iv © ISO 2017 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation,
Subcommittee SC 11, Archives/records management.
Introduction
As digital records are the inevitable by-products of various business activities in digital systems, there
is an increasing need to secure the authenticity and legal admissibility of digital records during their
period of retention. It is internationally agreed that "digital records shall not be denied validity or
1)
enforceability of legal recognition by reason of their format alone" . Despite this, it is very difficult
for an organization to assert that its digital records are authentic and able to act as effective evidence
of business action over a long period. In many cases, legal admissibility of digital records managed
by organizations’ records systems is not ensured. As a resu
...


INTERNATIONAL ISO
STANDARD 17068
First edition
2017-10
Information and documentation —
Trusted third party repository for
digital records
Information et documentation — Référentiel tiers de confiance pour
les documents d’activité électroniques
Reference number
©
ISO 2017
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Overview of a TTPR . 3
4.1 Necessity for a TTPR . 3
4.2 Requirements for TTPR trustworthiness . 4
4.3 TTPR components . 5
4.4 Characteristics of a TTPR . 6
5 TTPR services . 7
5.1 General . 7
5.2 Service procedure . 7
5.3 TTPR service agreements . 7
5.3.1 Service level agreement (SLA) . 7
5.3.2 Service agreement items . 8
5.4 TTPR subservices .10
5.4.1 General.10
5.4.2 Acquisition service .11
5.4.3 Repository service .12
5.4.4 Access and use of service .12
5.4.5 Issuance service .13
5.4.6 Conversion service .14
5.4.7 Delivery and/or migration service .14
5.4.8 Disposal service .15
5.4.9 TTPR certification service .16
5.4.10 Non-repository certification service (Remote Certification Service) .18
6 Technological requirements .19
6.1 General .19
6.2 Digital record repository .20
6.3 Transmitter–receiver .20
6.4 Network system .20
6.5 Time-stamping .20
6.6 Audit trail .21
6.7 Network security system .21
6.8 Access control equipment .21
6.9 Disaster recovery facility .22
6.10 System for certificate issuance and validation of digital records .22
6.11 Backup system .23
7 Operational requirements .23
7.1 General .23
7.2 Client management .24
7.3 Administrator’s role and authority management .24
7.4 Network and security management .25
7.5 Digital records management .25
7.6 Operation of transmitted and received messages .28
7.7 Audit record .29
7.8 Data backup and recovery .29
7.9 Security management .30
7.10 Migration and receipt management .30
7.11 Client system management .31
Bibliography .33
iv © ISO 2017 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation,
Subcommittee SC 11, Archives/records management.
Introduction
As digital records are the inevitable by-products of various business activities in digital systems, there
is an increasing need to secure the authenticity and legal admissibility of digital records during their
period of retention. It is internationally agreed that "digital records shall not be denied validity or
1)
enforceability of legal recognition by reason of their format alone" . Despite this, it is very difficult
for an organization to assert that its digital records are authentic and able to act as effective evidence
of business action over a long period. In many cases, legal admissibility of digital records managed
by organizations’ records systems is not ensured. As a result, there is a growing need for services
safeguarding these characteristics for digital records by neutral third parties.
In order to protect digital records from business disputes during the period they are required for
sustaining legal obligation and ongoing retention, it is essential to ensure that the authenticity,
reliability and integrity of digital records endures.
Digital signatures are a well-known means to ascertain if digital records have been tampered with.
However, as a digital signature only safeguards integrity within its validity time (generally one to two
years or less), most digitally signed records do not ensure their integrity for longer than this validity
time. It may thus be very difficult for an individual record system to prove the integrity of their digital
records for the period of retention obligation, where this is longer than the validity
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST ISO 18128:2024(Main)
Information and documentation — Records risks — Risk assessment for records management
ISO 18128:2024

The document:
a) provides methods for identifying and documenting risks related to records, records processes, controls and systems (records risks);
b) provides techniques for analysing records risks;
c) provides guidelines for conducting an evaluation of records risks.
This document intends to assist organizations in assessing records risks so they can ensure records continue to meet identified business needs as long as required.
This document can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure.
This document does not directly address the mitigation of risks, as methods for these vary from organization to organization.
It can be used by records professionals or people who have responsibility for records and records processes, controls and/or systems in their organizations, and by auditors or managers who have responsibility for risk management programs in their organizations.

  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    27 pages
    English language
    sale 15% off
SIST
SIST ISO 21636-1:2024(Main)
Language coding — A framework for language varieties — Part 1: Vocabulary
ISO 21636-1:2024

The ISO 21636 series provides a framework for the identification and description of varieties of all individual human languages (see ISO 639).
It is applicable to sign languages.
It does not apply to:
— artificial means of communication with or between machines (such as programming languages);
— those means of human communication which are neither fully nor largely equivalent to human language (such as sets of individual symbols or gestures that each carry isolated meanings but cannot be freely combined into complex expressions).
This document defines the terms necessary to identify basic dimensions and sub-dimensions of linguistic variation and the resulting varieties, including major modalities of human communication.

  • Standard
    22 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    16 pages
    English language
    sale 15% off
SIST
SIST-TP ISO/TR 8344:2024(Main)
Information and documentation — Issues and considerations for managing records in structured data environments
ISO/TR 8344:2024

This document identifies issues and considerations for managing records in structured data environments.

  • Technical report
    67 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical report
    61 pages
    English language
    sale 15% off
SIST
SIST ISO 24613-1:2024(Main)
Language resource management — Lexical markup framework (LMF) — Part 1: Core model
ISO 24613-1:2024

This document establishes the core model of the lexical markup framework (LMF), a metamodel for representing data in monolingual and multilingual lexical resources used with computer applications.
LMF provides mechanisms that allow the development and integration of a variety of electronic lexical resource types.

  • Standard
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    14 pages
    English language
    sale 15% off
SIST
SIST-TP ISO/TR 21636-2:2024(Main)
Language coding — A framework for language varieties — Part 2: Description of the framework
ISO/TR 21636-2:2023

This document, and the ISO 21636 series in general, provides the general principles for the identification and description of varieties of individual human languages. It, therefore, does not apply to:
— artificial means of communication with or between machines such as programming languages;
— those means of human communication which are not fully or largely equivalent to human language such as individual symbols or gestures that carry isolated meanings but cannot be freely combined into complex expressions.
This document together with the other parts of the ISO 21636 series establishes the dimensions of linguistic variation as well as core values necessary to identify individual varieties in these dimensions or sub-dimensions.
This document forms the basis for the other parts by outlining the general framework for language varieties.

  • Technical report
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical report
    14 pages
    English language
    sale 15% off
SIST
SIST ISO 15707:2024(Main)
Information and documentation — International Standard Musical Work Code (ISWC)
ISO 15707:2022

This document specifies a means of uniquely identifying a musical work. It standardizes and promotes internationally the use of a standard identification code so that musical works can be uniquely distinguished from one another within computer databases and related documentation and for the purposes of collecting societies involved in the administration of rights to such works.
The International Standard Musical Work Code (ISWC) identifies musical works as intangible creations. It is not used to identify manifestations of, or objects related to a musical work. Such manifestations and objects are the subject of separate identification systems, such as the International Standard Recording Code (ISRC) for sound recordings, the International Standard Music Number (ISMN) for printed music, and the International Standard Audiovisual Number (ISAN) for audiovisual works.

  • Standard
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    8 pages
    English language
    sale 15% off
  • Standard
    9 pages
    French language
    sale 15% off
SIST
SIST ISO 24620-5:2024(Main)
Language resource management — Controlled human communication (CHC) — Part 5: Lexico-morpho-syntactic principles and methodology for personal data recognition and protection in text
ISO 24620-5:2024

This document establishes basic principles and a methodology to recognize personal data written in free text, in different languages (whether agglutinating, inflectional or isolating) and countries.
This document is applicable to protecting human data circulating in national and international industries, and private and public organizations.
This document is applicable to processing by human beings and/or automated processing, and to various domains (e.g. law, finance, health).
It does not apply to automated image processing.
This document uses formal methods only, as statistical methods are very different in nature.

  • Standard
    24 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    19 pages
    English language
    sale 15% off
  • Standard
    19 pages
    French language
    sale 15% off
SIST
SIST ISO 24138:2024(Main)
Information and documentation — International Standard Content Code (ISCC)
ISO 24138:2024

This document specifies the syntax and structure of the International Standard Content Code (ISCC), as an identification system for digital assets (including encodings of text, images, audio, video or other content across all media sectors). It also describes ISCC metadata and the use of ISCC in conjunction with other schemes, such as DOI, ISAN, ISBN, ISRC, ISSN and ISWC.
An ISCC applies to a specific digital asset and is a data-descriptor deterministically constructed from multiple hash digests using the algorithms and rules in this document. This document does not provide information on registration of ISCCs.

  • Standard
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    33 pages
    English language
    sale 15% off
SIST
SIST ISO 24613-6:2024(Main)
Language resource management — Lexical markup framework (LMF) — Part 6: Syntax and semantics
ISO 24613-6:2024

This document specifies the syntax and semantics (SynSem) module of the lexical markup framework (LMF), a metamodel for representing data in monolingual and multilingual lexical databases used with computer applications. The SynSem module allows for the description of specific syntactic and semantic properties of lexemes, as well as the complex interactions between them. More specifically, the syntax part of the module describes the properties of a lexeme when combined with other lexemes in a sentence. When recorded in a lexicon, these properties make up the syntactic description of a lexical entry instance. The semantics part of the module, on the other hand, describes the sense of a lexeme and its relationship with other senses belonging to the same language. The SynSem interface describes the predicates and the mapping between syntactic and semantic arguments.
This serialization covers the classes of ISO 24613-1 (Core model), ISO 24613-2 (Machine-readable dictionary (MRD) model) and ISO 24613-4 (TEI serialization).

  • Standard
    15 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    11 pages
    English language
    sale 15% off
SIST
SIST ISO 21636-3:2024(Main)
Language coding — A framework for language varieties — Part 3: Application of the framework
ISO 21636-3:2024

The ISO 21636 series provides a framework for the identification and description of varieties of all individual human languages (see ISO 639).  
It is applicable to sign languages.  
It does not apply to:
— artificial means of communication with or between machines (such as programming languages);  
— those means of human communication which are neither fully nor largely equivalent to human language (such as sets of individual symbols or gestures that each carry isolated meanings but cannot be freely combined into complex expressions).
This document gives guidance on how to apply the framework to identify basic dimensions and sub-dimensions of linguistic variation and the resulting varieties, including major modalities of human communication. It does not include any code or individual identifiers.
This document is structured strictly analogously to ISO/TR 21636-2. For a general description of the dimension and varieties dealt with in each clause, the user can refer to the corresponding clause in that document.
This document focuses only on the identification and description of language varieties, not on the general, formal or technical aspects of the description of human language resources (LRs), which are covered by general metadata frameworks.
NOTE 1 For the general description of a language resource, a user can minimally apply at least the metadata of the Open Language Archives Community (OLAC) metadata standard, which provides an application of the Dublin Core metadata element set as defined by the Dublin Core Metadata Initiative (DCMI). These descriptors have been recognized in ISO 15836-1:2017.
NOTE 2 The Component Metadata Infrastructure (CMDI) provides a best practice guide for the sake of technical and content interoperability between LRs as well as of their sustainability.

  • Standard
    16 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    10 pages
    English language
    sale 15% off