[Moims-dai] R: SEC WG notes

Roberta Svanetti Roberta.Svanetti at dedagroup.it
Mon Jun 5 05:52:29 UTC 2023 

Hi David,

From the Howie Weiss suggestions and concerns I agree with you. During the Spring DAI WG meeting, we explained to Howie that security and in general data security aspects (including governance) are addressed by other specific standards which obviously an Archive must refer to. In the digital Preservation strategy and in the Preservation Plan documentation are clearly specified those standards and the regulations to be applied for data governance, security management and cyber security (for example GDPR, NIST, ISO270001 family,…)
At the same time, in the organization to which the Archive belongs there are offices/functions responsible for managing data security in all its aspects, which also supervise the work of the Archive and its compliance with specific standard and regulations for data security,
Our standard are not addressing directly security but could add pointers to, say, REST security

Kind Regards
[cid:image001.png at 01D99781.1739A750]
Roberta Svanetti​​​​
Enterprise Content Management
 ‑
Operations Manager
[cid:image002.png at 01D99781.1739A750]
+390257775690<tel:+390257775690>
[cid:image003.png at 01D99781.1739A750]
+393357294121<tel:+393357294121>
Deda Cloud srl
 ‑
Cassina de' Pecchi

www.deda.cloud<http://www.deda.cloud/>
https://www.linkedin.com/deda-cloud/<https://www.linkedin.com/showcase/deda-cloud>
[cid:image004.png at 01D99781.1739A750]<https://www.deda.cloud/case-conserve/>

Da: MOIMS-DAI <moims-dai-bounces at mailman.ccsds.org> Per conto di David Giaretta via MOIMS-DAI
Inviato: venerdì 2 giugno 2023 22:01
A: 'MOIMS-Data Archive Interoperability' <moims-dai at mailman.ccsds.org>
Cc: david at giaretta.org; kearneysolutions at gmail.com
Oggetto: Re: [Moims-dai] SEC WG notes

**ATTENZIONE**: Questo messaggio proviene da un ACCOUNT ESTERNO, presta attenzione ad eventuali link o allegati al suo interno.

Thanks Mike.
I think there has been a misunderstanding if he thinks we are only “concerned with high level attributes such as data provenance and data access”
I don’t think we said we would add security directly to our standard, but could add pointers to, say, REST security.
But perhaps I am misremembering the conversation.
What do other say?

..David

From: MOIMS-DAI <moims-dai-bounces at mailman.ccsds.org<mailto:moims-dai-bounces at mailman.ccsds.org>> On Behalf Of Mike Kearney via MOIMS-DAI
Sent: Friday, June 2, 2023 8:48 PM
To: 'MOIMS-Data Archive Interoperability' <moims-dai at mailman.ccsds.org<mailto:moims-dai at mailman.ccsds.org>>
Cc: kearneysolutions at gmail.com<mailto:kearneysolutions at gmail.com>
Subject: [Moims-dai] SEC WG notes

The Security Working group issued their minutes for the spring meeting, and they included this note:


  1.  Data Archiving Interoperability (DAI): While not ‘officially’ a joint meeting, Howie Weiss attended the Data Archiving Working Group based on Chuck Sheehe’s questions regarding security for data at rest. Currently the data archiving group is concerned with high level attributes such as data provenance and data access.  Their existing documents allude to security, mostly from an access control and integrity perspective, but do not mandate mechanisms to provide security. DAI agrees that they need to gain more specificity and detail to provide protection of data provenance. We had a good discussion, provided DAI with some security concepts to think about, and will continue to be in contact.


   -=- Mike

Mike Kearney
Huntsville, Alabama, USA

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/moims-dai/attachments/20230605/ca682a4b/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 12985 bytes
Desc: image001.png
URL: <http://mailman.ccsds.org/pipermail/moims-dai/attachments/20230605/ca682a4b/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 564 bytes
Desc: image002.png
URL: <http://mailman.ccsds.org/pipermail/moims-dai/attachments/20230605/ca682a4b/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 396 bytes
Desc: image003.png
URL: <http://mailman.ccsds.org/pipermail/moims-dai/attachments/20230605/ca682a4b/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 57459 bytes
Desc: image004.png
URL: <http://mailman.ccsds.org/pipermail/moims-dai/attachments/20230605/ca682a4b/attachment-0007.png>

More information about the MOIMS-DAI mailing list