BS ISO IEC 27038-2014 pdf – Information technology — Security techniques — Specification for digital redaction.
4 General principles of digital redaction

4.1 Introduction

Redaction is carried out in order to permanently remove particular information from a copy of a document. It should be used when, for example, one or two individual words, a sentence or paragraph, an image, a name, address and/or signature needs to be removed from a document prior to it being disclosed to individuals who are not authorized to view the removed information.

The process of digital redaction is not simply to remove information but also to indicate where necessary that some information has been removed, so that the reader knows that the document has been redacted. For example, there can be a need to know that some words or some paragraphs have been deleted in order to maintain the semantics of the non-redacted information.

4.2 Anonymization

As an example, one of the purposes of redaction is to remove personally identifiable information (PII) from a document (anonymization). Where such a purpose is applicable, then redaction processes shall be so designed such that the identity of the individual about whose information is being redacted is protected. It can be, for example, that even though a name has been redacted from a document, the identity of the individual is evident from the remaining information.

Where anonymization is required, all information that could be used to identify the individual shall be redacted. This shall include all information that could be used in conjunction with other information (which can be obtained from other sources) to identify the individual.

5 Requirements

5.1 Overview

Organizations should have the capability to identify documents that need to be redacted prior to their release to other parts of the organization or to others (such as the public).

When identifying information that needs to be redacted prior to release, whole sentences or paragraphs should not be identified if only one or two words in that sentence or paragraph are to be redacted, unless the release would enable the identification of the redacted information by context.

Where necessary, information relating to the effect that a digital document has been redacted shall be linked with the digital document. To identify the fact that a redaction process has been undertaken, redacted information may be replaced by a sentence stating that some information has been redacted.

When redaction is performed on a digital document, any metadata included within the digital document shall be reviewed for redaction requirements and appropriate redactions undertaken.

Where redaction is performed on a digital document that contains images, video and/or voice information, redaction techniques that remove the necessary information shall be used.

5.2 Redaction principles

The redaction of digital documents shall be carried out in accordance with the following principles:

— Retention of digital original document
The original or master version of a digital document shall not be redacted – redaction shall be carried out on a copy of the digital document. Original digital documents (e.g. the un-redacted document) shall be retained and be accessible only to those authorized.

— Complete removal of redacted information
Redaction shall irreversibly remove the required information from the redacted version of the document. The information shall be completely removed from the digital document, not simply from the displayable content.

— Security evaluated redaction
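
The requirements in 5.1 and the first two principles in 5.2 can be illustrated with a short Python sketch. This is an added example, not part of the standard: the dictionary document model, the sample record, the marker text and all function names are assumptions made for illustration. It redacts a copy, leaves the master untouched, replaces only the identified words with a marker, and checks every string in the document (metadata included) for residual terms, which a body-only redaction fails.

```python
import re

MARKER = "[REDACTED]"  # assumed marker text indicating that information was removed

# Constructed sample record: a displayed body plus metadata and revision notes.
MASTER = {
    "metadata": {"author": "Jane Example", "title": "Complaint from Jane Example"},
    "body": "Jane Example of 12 Sample Street reported the fault on 3 May.",
    "revisions": ["Draft by jane example", "Address: 12 Sample Street"],
}
TERMS = ["Jane Example", "12 Sample Street"]

def _pattern(terms):
    if not terms:
        raise ValueError("no terms to redact")
    ordered = sorted(terms, key=len, reverse=True)  # longest match first
    return re.compile("|".join(re.escape(t) for t in ordered), re.IGNORECASE)

def redact_copy(original, terms):
    """Build a new redacted document; the master is never modified."""
    pat = _pattern(terms)
    def scrub(v):
        if isinstance(v, str):
            return pat.sub(MARKER, v)  # replace only the matched words
        if isinstance(v, dict):
            return {scrub(k): scrub(x) for k, x in v.items()}
        if isinstance(v, list):
            return [scrub(x) for x in v]
        return v
    return scrub(original)

def redact_body_only(original, terms):
    """Weak variant: scrubs the displayable content and nothing else."""
    return dict(original, body=_pattern(terms).sub(MARKER, original["body"]))

def strings_in(value):
    """Yield every string in the document, dictionary keys included."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, dict):
        for k, v in value.items():
            yield from strings_in(k)
            yield from strings_in(v)
    elif isinstance(value, list):
        for v in value:
            yield from strings_in(v)

def residual_terms(doc, terms):
    """Return the terms still present anywhere in the document."""
    haystack = "\n".join(strings_in(doc)).lower()
    return [t for t in terms if t.lower() in haystack]
```

A non-empty result from `residual_terms` means the copy is not fit for release; contextual identification (4.2) still needs human review, since term matching cannot detect it.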

6 Redaction processes

6.1 Introduction

The redaction of digital documents is a relatively new area of information and records management practice, and raises unique issues and potential risks. Redaction may be carried out using a number of approaches:

— use of paper intermediaries;
— use of digital image intermediaries;
— simple redaction using plain text format files;
— complex redaction using original “complex” format files.

The following specifies the technical aspects of redacting digital documents.

6.2 Paper intermediaries

For digital documents which can be printed as a hardcopy, redaction techniques utilizing paper intermediaries may be used. There are 2 methods that can be used within this technique:

— The digital document is printed onto paper and redaction carried out on the printed copy. In this case, the equipment / process used for the redaction shall ensure that the redacted information cannot be retrieved. The use of black marker pens may not be sufficient for this requirement. To ensure that redacted information cannot be retrieved, a photocopy of the redacted paper document shall be taken and it shall be used as the final redacted document.