[prev in list] [next in list] [prev in thread] [next in thread] 

List:       koffice-devel
Subject:    Re: undo - redo, a security issue
From:       Jaqui Greenlees <jaqui_greenlees () yahoo ! ca>
Date:       2007-12-26 20:51:29
Message-ID: 790982.62001.qm () web38103 ! mail ! mud ! yahoo ! com
[Download RAW message or body]


--- andre@familiesomers.nl wrote:

>
> Could you please be a bit more specific to which
> regulations or laws you
> are referring here? Laws in what country? As far as
> I know, in my country
> (NL) there are no laws or regulations governing data
> formats*, only laws
> that basically stipulate that one has to be very
> carefull with giving out
> data that can be traced back to induviduals. This
> is, however, an issue
> that has more to do with organisational policies
> than with document
> formats per se.

Exactly, but the format has in it sections that
contain data covered by privacy laws. the history for
undo redo when editing can be stored in the file,
making it a multisession history rather than session
only as koffice has.

 However, things may be different in
> other countries. Since
> ODF (and KOffice) is meant to be used in many
> different jurisdictions, it
> would be IMO interesting to know if there are
> countries where there are
> actual legal demands on document formats, and what
> these demands entail.
> 
> Regards,
> 
> André
> 
> *) Except a recent development that open standards
> should be used.

Don't forget, there are standards from the ISO about
software security, both for applications and for
operating systems:

ISO & IEC have a committee called JTC1 (or Joint
Technical Committee 1) that has many subcommittees and
working groups assigned with standardizing systems,
process, workflows, etc, as they related to computers
and networks.  The following 3 standards were
published by JTC1/SC 27:

ISO/IEC 15408-1:1999 “Information technology --
Security techniques -- Evaluation criteria for IT
security -- Part 1: Introduction and general model
	
ISO/IEC 15408-1:1999 “Information technology --
Security techniques -- Evaluation criteria for IT
security -- Part 2 : Security functional requirements

ISO/IEC 15408-1:1999 “Information technology --
Security techniques -- Evaluation criteria for IT
security – Part 3: Security assurance requirements

unfortunately, ISO membership required to read these
documents.

Jaqui




      Looking for a X-Mas gift?  Everybody needs a Flickr Pro Account.

 

http://www.flickr.com/gift/

_______________________________________________
koffice-devel mailing list
koffice-devel@kde.org
https://mail.kde.org/mailman/listinfo/koffice-devel

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic