<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:remialcxesans;}
@font-face
{font-family:zone-1;}
@font-face
{font-family:zones-AQ;}
@font-face
{font-family:template-c0lkJrLxEeuUsygYeDLr3w;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.StileMessaggioDiPostaElettronica20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:148446775;
mso-list-template-ids:-1184886240;}
@list l0:level1
{mso-level-start-at:12;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1
{mso-list-id:1510948281;
mso-list-type:hybrid;
mso-list-template-ids:1764421706 -2090683618 67698713 67698689 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l1:level1
{mso-level-start-at:12;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:108.0pt;
mso-level-number-position:left;
text-indent:-9.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-tab-stop:144.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:180.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:216.0pt;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1:level7
{mso-level-tab-stop:252.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:288.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:324.0pt;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1027" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="IT" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Hi David,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">From the Howie Weiss suggestions and concerns I agree with you. During the Spring DAI WG meeting, we explained to Howie that security and in general data security aspects (including
governance) are addressed by other specific standards which obviously an Archive must refer to. In the digital Preservation strategy and in the Preservation Plan documentation are clearly specified those standards and the regulations to be applied for data
governance, security management and cyber security (for example GDPR, NIST, ISO270001 family,…)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">At the same time, in the organization to which the Archive belongs there are offices/functions responsible for managing data security in all its aspects, which also supervise the work
of the Archive and its compliance with specific standard and regulations for data security,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">Our standard are not addressing directly security
</span><span lang="EN-GB" style="mso-fareast-language:EN-US">but could add pointers to, say, REST security</span><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">Kind Regards</span><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p></o:p></span></p>
<div>
<div>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="border:none;border-right:solid #4B7C53 1.5pt;padding:0cm 7.5pt 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal" align="center" style="text-align:center"><!--[if gte vml 1]><v:shapetype id="_x0000_t75" coordsize="21600,21600" o:spt="75" o:preferrelative="t" path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
<v:stroke joinstyle="miter" />
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0" />
<v:f eqn="sum @0 1 0" />
<v:f eqn="sum 0 0 @1" />
<v:f eqn="prod @2 1 2" />
<v:f eqn="prod @3 21600 pixelWidth" />
<v:f eqn="prod @3 21600 pixelHeight" />
<v:f eqn="sum @0 0 1" />
<v:f eqn="prod @6 1 2" />
<v:f eqn="prod @7 21600 pixelWidth" />
<v:f eqn="sum @8 21600 0" />
<v:f eqn="prod @7 21600 pixelHeight" />
<v:f eqn="sum @10 21600 0" />
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect" />
<o:lock v:ext="edit" aspectratio="t" />
</v:shapetype><v:shape id="AutoShape_x0020_6" o:spid="_x0000_s1026" type="#_x0000_t75" style='position:absolute;left:0;text-align:left;margin-left:0;margin-top:0;width:50pt;height:50pt;z-index:251659264;visibility:hidden;mso-width-percent:0;mso-height-percent:0;mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;mso-wrap-distance-bottom:0;mso-position-horizontal:absolute;mso-position-horizontal-relative:text;mso-position-vertical:absolute;mso-position-vertical-relative:text;mso-width-percent:0;mso-height-percent:0;mso-width-relative:page;mso-height-relative:page'>
<o:lock v:ext="edit" aspectratio="f" selection="t" />
</v:shape><![endif]--><span style="font-size:1.0pt;mso-ligatures:none"><img width="152" height="50" style="width:1.5833in;height:.525in" id="Immagine_x0020_1" src="cid:image001.png@01D99781.1739A750"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
<td style="padding:7.5pt 0cm 7.5pt 7.5pt">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><b><span style="color:#606060;mso-ligatures:none">Roberta Svanetti</span></b><b><span style="font-size:1.0pt;font-family:remialcxesans;color:white;mso-ligatures:none"></span></b><b><span style="font-size:1.0pt;font-family:template-c0lkJrLxEeuUsygYeDLr3w;color:white;mso-ligatures:none"></span></b><b><span style="font-size:1.0pt;font-family:zone-1;color:white;mso-ligatures:none"></span></b><b><span style="font-size:1.0pt;font-family:zones-AQ;color:white;mso-ligatures:none"></span></b><b><span style="color:#606060;mso-ligatures:none"><o:p></o:p></span></b></p>
</td>
</tr>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none">Enterprise Content Management<o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none"> ‑ <o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none">Operations Manager<o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="font-size:1.0pt;color:gray;mso-ligatures:none"><img width="20" height="20" style="width:.2083in;height:.2083in" id="Immagine_x0020_2" src="cid:image002.png@01D99781.1739A750"><o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none"><a href="tel:+390257775690" target="_blank"><span style="color:gray;text-decoration:none">+390257775690</span></a><o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="font-size:1.0pt;color:gray;mso-ligatures:none"><img border="0" width="20" height="20" style="width:.2083in;height:.2083in" id="Immagine_x0020_3" src="cid:image003.png@01D99781.1739A750"><o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none"><a href="tel:+393357294121" target="_blank"><span style="color:gray;text-decoration:none">+393357294121</span></a><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none">Deda Cloud srl<o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none"> ‑ <o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none">Cassina de' Pecchi<o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="font-size:1.0pt;color:gray;mso-ligatures:none"> <o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none"><a href="http://www.deda.cloud/" target="_blank"><span style="color:gray;text-decoration:none">www.deda.cloud</span></a><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="color:gray;mso-ligatures:none"><a href="https://www.linkedin.com/showcase/deda-cloud" target="_blank"><span style="color:gray;text-decoration:none">https://www.linkedin.com/deda-cloud/</span></a><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><a href="https://www.deda.cloud/case-conserve/" target="_blank"><span style="font-size:1.0pt;color:blue;mso-ligatures:none;text-decoration:none"><img border="0" width="467" height="150" style="width:4.8666in;height:1.5583in" id="Immagine_x0020_4" src="cid:image004.png@01D99781.1739A750"></span></a><span style="font-size:1.0pt;mso-ligatures:none"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span style="mso-ligatures:none">Da:</span></b><span style="mso-ligatures:none"> MOIMS-DAI <moims-dai-bounces@mailman.ccsds.org>
<b>Per conto di </b>David Giaretta via MOIMS-DAI<br>
<b>Inviato:</b> venerdì 2 giugno 2023 22:01<br>
<b>A:</b> 'MOIMS-Data Archive Interoperability' <moims-dai@mailman.ccsds.org><br>
<b>Cc:</b> david@giaretta.org; kearneysolutions@gmail.com<br>
<b>Oggetto:</b> Re: [Moims-dai] SEC WG notes<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" align="left" width="100%" style="width:100.0%">
<tbody>
<tr>
<td style="background:#FFB900;padding:5.0pt 2.0pt 5.0pt 2.0pt"></td>
<td width="100%" style="width:100.0%;background:#FFF8E5;padding:5.0pt 4.0pt 5.0pt 12.0pt">
<div>
<p class="MsoNormal" style="mso-element:frame;mso-element-frame-hspace:2.25pt;mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal:column;mso-height-rule:exactly">
<b><span style="color:#222222;mso-ligatures:none">**ATTENZIONE**:</span></b><span style="color:#222222;mso-ligatures:none"> Questo messaggio proviene da un ACCOUNT ESTERNO, presta attenzione ad eventuali link o allegati al suo interno.
<o:p></o:p></span></p>
</div>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span lang="EN-GB" style="mso-ligatures:none"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">Thanks Mike.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">I think there has been a misunderstanding if he thinks we are only “</span><span lang="EN-US" style="font-family:"Arial",sans-serif">concerned with high level attributes such as data
provenance and data access</span><span lang="EN-GB" style="mso-fareast-language:EN-US">”
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">I don’t think we said we would add security directly to our standard, but could add pointers to, say, REST security.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">But perhaps I am misremembering the conversation.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">What do other say?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US">..David<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US" style="mso-ligatures:none">From:</span></b><span lang="EN-US" style="mso-ligatures:none"> MOIMS-DAI <<a href="mailto:moims-dai-bounces@mailman.ccsds.org">moims-dai-bounces@mailman.ccsds.org</a>>
<b>On Behalf Of </b>Mike Kearney via MOIMS-DAI<br>
<b>Sent:</b> Friday, June 2, 2023 8:48 PM<br>
<b>To:</b> 'MOIMS-Data Archive Interoperability' <<a href="mailto:moims-dai@mailman.ccsds.org">moims-dai@mailman.ccsds.org</a>><br>
<b>Cc:</b> <a href="mailto:kearneysolutions@gmail.com">kearneysolutions@gmail.com</a><br>
<b>Subject:</b> [Moims-dai] SEC WG notes<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The Security Working group issued their minutes for the spring meeting, and they included this note:
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<ol style="margin-top:0cm" start="12" type="1">
<li class="MsoNormal" style="margin-bottom:6.0pt;mso-list:l1 level1 lfo3"><u><span lang="EN-US" style="font-family:"Arial",sans-serif">Data Archiving Interoperability (DAI)</span></u><span lang="EN-US" style="font-family:"Arial",sans-serif">: While not ‘officially’
a joint meeting, Howie Weiss attended the Data Archiving Working Group based on Chuck Sheehe’s questions regarding security for data at rest. Currently the data archiving group is concerned with high level attributes such as data provenance and data access.
Their existing documents allude to security, mostly from an access control and integrity perspective, but do not mandate mechanisms to provide security. DAI agrees that they need to gain more specificity and detail to provide protection of data provenance.
We had a good discussion, provided DAI with some security concepts to think about, and will continue to be in contact.
<o:p></o:p></span></li></ol>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#002060;mso-ligatures:none"> -=- Mike<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#002060;mso-ligatures:none"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-ligatures:none">Mike Kearney<span style="color:#002060"><o:p></o:p></span></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#002060;mso-ligatures:none">Huntsville, Alabama, USA
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
</div>
</body>
</html>