Issue 14967: Assurance of Document Integrity on Open (rms-ftf) Source: TethersEnd Consulting (Mr. Daryll Prescott, drp(at)tethersend.com) Nature: Severity: Summary: The RM environment when an authorized user wants to "open" a record, a copy of the ManagedRecord must be provided to the user to open, or placed in a temp directory to open to preclude any possibility of any change Resolution: Revised Text: Actions taken: January 14, 2010: received issue Discussion: End of Annotations:===== s is issue # 14967 drp@tethersend.com Assurance of Document Integrity on Open From: "PrescottD" To: "'RMS-FTF@omg.org'" Subject: Issue 14967 Date: Thu, 4 Mar 2010 14:42:44 -0500 X-Mailer: Microsoft Outlook, Build 10.0.2627 X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.8161:2.4.5,1.2.40,4.0.166 definitions=2010-03-04_08:2010-02-06,2010-03-04,2010-03-04 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=5.0.0-0908210000 definitions=main-1003040182 Assurance of Document Integrity on Open. "The RM environment when an authorized user wants to "open" a record, a copy of the ManagedRecord must be provided to the user to open, or placed in a temp directory to open to preclude any possibility of any change. (Daryll Prescott, 20090404)" One of the most basic founding principles that go to the assurance of authenticity is the RM environment never gives up the managed record. Therefore, the RM environment shall only provide a copy of the managed record. This is extended to the attributes that contribute to the object that is the managed record. Only copies of the data that populate the attribute should be provided to an authorized requestor. I would get away from the "...tem directory..." as noted above because it is only one possible way of presenting out the copy. From: "Larry L. Johnson" To: "'PrescottD'" , "'RMS-FTF@omg.org'" Subject: RE: Issue 14967: Assurance of Document Integrity on Open Date: Sat, 6 Mar 2010 12:07:17 -0500 X-Mailer: Microsoft Office Outlook 11 Thread-Index: Acq70vFWZqFSff4oQY++iaWstllM1gBfCoGA X-ACL-Warn: { X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - capricorn.lunarpages.com X-AntiAbuse: Original Domain - omg.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - TethersEnd.com X-Source: X-Source-Args: X-Source-Dir: Given that this is a well documented principle of the RMS, do we need to do anything further with the spec? I would propose a disposition of "Closed with No Change". I have marked the log as such until I hear differently. LJ -------------------------------------------------------------------------------- From: PrescottD [mailto:drp@tethersend.com] Sent: Thursday, March 04, 2010 2:43 PM To: 'RMS-FTF@omg.org' Subject: Issue 14967 Assurance of Document Integrity on Open. "The RM environment when an authorized user wants to "open" a record, a copy of the ManagedRecord must be provided to the user to open, or placed in a temp directory to open to preclude any possibility of any change. (Daryll Prescott, 20090404)" One of the most basic founding principles that go to the assurance of authenticity is the RM environment never gives up the managed record. Therefore, the RM environment shall only provide a copy of the managed record. This is extended to the attributes that contribute to the object that is the managed record. Only copies of the data that populate the attribute should be provided to an authorized requestor. I would get away from the "...tem directory..." as noted above because it is only one possible way of presenting out the copy. The requirement should be that only a copy is presented out, never the object and the data in the attributes that comprise the managed record. The RM environment when an authorized user wants to "open" a record, a copy of the ManagedRecord must be provided to the user to open, or placed in a temp directory to open to preclude any possibility of any change