|
|
|
|
|||||||||
|
VERS STORY | STANDARD | COMPLIANCE | PROJECTS | DIGITAL ARCHIVE | TRAINING | TOOLKIT | PUBLICATIONS | |
|
|||||||||
|
|||||
|
5 Use of Encryption/Passwords/Copy Protection Encryption, passwords, and copy protection are used to secure the contents of a file from unauthorised access.
All three mechanisms are designed to prevent unauthorised access. The purpose of an archive is to provide indefinite access to records. These two purposes can clash; just who is authorised to access a record is something that may change over the life of a record. Ultimately, records that are initially extremely confidential may be available for anyone to access. The use of encryption and password protection opens the possibility of losing the record if the decryption key or password is lost. The potential for loss of keys or passwords is particularly high when there is a significant delay in converting the record to a long-term preservation format. While there are agencies that require the additional protection of encryption, PROV strongly recommends that protection against unauthorised access be implemented using the normal system security and that record contents not be encrypted or protected by passwords. PROV will not accept any permanent records that are encrypted or protected by passwords, as the risk of losing the record through loss of the decryption key or password is too high. The use of copy protection is likely to significantly impede conversion of the record content to a long-term preservation format. It is also likely to cause the loss of the record content due to the difficulty of re-implementing the copy protection scheme. PROV will not accept any permanent records that use copy protection. | |||||
 |
 |
|