[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Non Repudiation
Arvola,
This
is my understanding of the non-repudiation problem.
I am
assuming the general case of n partners in a business
process.
If
n=2, it is incidental.
The
persistent copy of the message (including payloads)
will
be stored as "archives" for a long time. Without these
archives,
nonrepudiation is not possible. Some
specific
issues/comments below.
1.
What is the archival policy?
There are three broad types of
archival policies.
- archived
till a fixed date ("fixed policy")
- archived
relative to today, say for 7 years ("relative")
- always
keep an archive of k backups taken at the end of a predefined
interval.
When the time period elapses, the earliest back up is trashed and a new one is
added
2. Are
there regulations that mandate any of the archival policy?
Some industries do have such
requirements. I fairly sure banking industry has one.
3.
When there are multiple partners, the CPA, if it has the archival policy,
then
should
be same for all the partners in the business process. However,
it is also
possible that the same trading partner may be involved
with multiple business
processes involving different archival
policies.
Needless to say, non-repudiation is a vital requirement
for business.
Comments 2 & 3 above lead me to believe that
non-repudiation requirements (archival
policy, and any other piece of info for processing the
archives) will likely need to be
represented in the CPA, and will likely be
specific to the business process. Hope this helps!
On the
other question of logging, I don't think I quite understand the
question.
I
would say logging is neither below nor above but along side!
Cheers,
-Suresh
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC