Upload
fujitsu-global
View
301
Download
0
Embed Size (px)
DESCRIPTION
BA is modernizing the supporting processes and basic services. For this purpose, the Federal Employment Agency has started several renewal projects. One of these projects is the above measure Lifecycle eArchiv (LeAR) for audit-compliant long-term storage. BA is going to transform more and more business processes from paper work to complete electronic processing, documentation and historization (e.g. DiBAS, e-file DMS). The target is to reduce costs and to improve the quality of services, internal processes and customer orientation. The speaker reports from his own experience within BA and the experience of BA as a service center with the offer audit-compliant long-term storage for federal authorities in Germany. Speakers: Mr. Mathias Ehlers (German Federal Employment Agency (Bundesagentur für Arbeit))
Citation preview
0 Copyright 2014 FUJITSU
Human Centric Innovation
Fujitsu Forum 2014
ICM Munich 19th – 20th November
1 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Fujitsu Compliant Archiving Solutions for Legal e-Archiving
Thomas Walloschke Security Solutions
Fujitsu Global Delivery
2 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Fujitsu Compliant Archiving
The Fujitsu Offering for „Legal e-Archiving
At a Glance e-Archiving Integrators
German Compliance Integration Scenarios
Smart Integration
Legal e-Archiving @ SAP
Sustainable Data
Machineroom Solutions at a Glance
Fujitsu Secure Mailroom
Implementations
3 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
The Secret of Confidentiality
Protecting Your Trust
4 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Beauty
5 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Beauty of Trust
6 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Sustainability of Trust
Magnificent age of 310 million years
7 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Beauty of Your Content
8 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Your Content is Sealed as in Amber
You can see the content
9 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Your Content is Sealed as in Amber
You can see the content
You cannot change the content without
damaging the amber
10 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Your Customers Content is Sealed as in Amber
And you can focus on single objects of
the content
11 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Be Curious!
You can use a magnifying glass
to obtain a detailed view of each individual object
12 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
And Be Curious Before Others will be!
A
very warm welcome
to the Supervisory
Authority
Slightly related to
the upcoming
EU wide
eIDAS Regulation…
13 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Protect Your Trust!
“I solemnly pledge that…”
14 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
There is a Common European Way of Building Trust
“I solemnly pledge that…”
15 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Fujitsu Compliant Archiving
Legal e-Archiving by Fujitsu
16 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Sustainability of Documents and Data
~2,6 Mio. Years 30 …110 Years
Today Stone Age 2044
17 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Sustainability of Documents and Data
What will done with contemporary „cave art“ in future? How resilient are today‘s documents? Which context is required to find documents and data in future?
~2,6 Mio. Years 30 …110 Years
?
Today Stone Age 2044
18 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Legal e-Archiving is a Must
Legal and compliance regulations demand archiving solutions
Management can be held personally responsible
19 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
The two main aspects of Archiving (Repeated…)
How to organize a compliant long-term preservation of electronic documents?
How to store archive data efficiently and save?
1 2
Compliance Infrastructure Budget
20 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Why e-Archiving?
Paper Archives are too costly and insecure, digitization is inevitable.
Tons of digital documents are created daily.
How to ensure long term preservation?
How to preserve the evidence value of digital docs?
How to deal with fast technology changes?
How to relieve expensive online storage from outdated and archive data?
Motivation
21 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Permanent validation of compliance (IETF RFC-4998, DIN 31647)
Transportable proof of evidence bound to data
Certified IT-Security(CC EAL 4+)
Compliance with any Regulation 99+
Full replacement of paper archives
Simplified auditing
Fujitsu SecDocs
Benefits & Characteristics
22 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Core Elements of Digital Archiving
Using internationally agreed formats for long term preservation (PDF/A, TIFF) during ingesting
Create and preserve evidence values for the archived document (IETF RFC-4998, DIN 31647)
Storage Media that cannot be changed (WORM)
Document Evidence record
10110011111000101100010111011000110001100001110101011110001110110111001011100011010111000111101101011100101010101001001
111010100
23 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Core Elements of Compliant Digital Archiving
Using internationally agreed formats for long term preservation (PDF/A, TIFF) during ingesting
Create and preserve evidence values for the archived document (IETF RFC-4998, DIN 31647)
Storage Media that cannot be changed (WORM)
Document
Most critical element for
compliant archiving Evidence record
10110011111000101100010111011000110001100001110101011110001110110111001011100011010111000111101101011100101010101001001
111010100
24 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Migration: Validierung der Beweiskraft kann extern erfolgen. Die Evidence Records basieren auf internationalen Standards
Fujitsu SecDocs - Architecture
Processes
Infrastructure SecDocs
Archive Service
Certified Security Components (ArchiSafe, ArchiSig, Crypto funct.)
Storage
Certification Services
Timestamps, certificate validation
… Business
Application (e.g. SAP, etc.)
Document Management
(DMS)
Scan Application
25 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Infrastructure Certification Services
Fujitsu SecDocs - Highlights
Processes
SecDocs
Archive Service
Certified Security Components (ArchiSafe, ArchiSig, Crypto funct.)
Storage
Unified Information Access Semantic Web Technology
Simple Migration
…
Transportable Proof of Evidence, testable extrnally – LTANS-ERS
Generates and preserves Proof of Evidence „Longer than a human life“.
Timestamps, certificate validation
Business Application (e.g. SAP, etc.)
Document Management
(DMS)
Scan Application
Trustworthy certified Security
26 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Examples(1)
Electronic File SGB (DE) (=General social data protection)
Electronic File Aviation
Electronic File Banking
Electronic Files
SAP Integration ArchiveLink and BC-ILM
SAP
27 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Examples(2)
Solutions for government
Solutions for organisations governed by public law
Governance and Legal e-Archiving
E-Government Law
„Legally binding scanning in electronic files (DMS) and destruction of paper” according to German regulation (eGov-Law, Tech.Guidelines)
Legally Binding Scanning
Agenda 2015, 2018,2020
28 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Fujitsu Compliant Archiving
Legal e-Archiving according to OAIS (ISO 14721:2012)
Smart Integration
29 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Langzeit- speicher
Archive Service
Certified Security Components (ArchiSafe, ArchiSig, Crypto funct.)
Access Service Zertifikats- dienste
Zeitstempel, Zertifikatsvalidierung
OAIS
Model
Preser- vation- Planning
Archiv-
Administration
Legal e-Archiving in Context of ISO 14721 OAIS
Producers/ Consumers
Storage
Web Application
Ingest Access
SIP: Submission Information Package AIP: Archival Information Package DIP: Dissemination Information Package
Business Application
(e.g. SAP, etc.)
Document Management
(DMS)
Scan Application
30 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Langzeit- speicher
Archive Service
Certified Security Components (ArchiSafe, ArchiSig, Crypto funct.)
Access Service Zertifikats- dienste
Zeitstempel, Zertifikatsvalidierung
OAIS
Model
Preser- vation- Planning
Archiv-
Administration
Legal e-Archiving in Context of ISO 14721 OAIS
Storage
Ingest Access
SIP: Submission Information Package AIP: Archival Information Package DIP: Dissemination Information Package
AIP
DIP
AIP
SIP
Producers/ Consumers Web
Application
Business Application (e.g. SAP, etc.)
Document Management
(DMS)
Scan Application
31 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Generic OAIS Model using Access Service
Processes
Storage
…
Infrastructure
OAIS Model
Archive Service - SecDocs
Certified Security Components (ArchiSafe, ArchiSig, Crypto funct.)
Access Service - ASP
Business Application (e.g. SAP, etc.)
Document Management
(DMS)
Scan Application
Certification Services
Timestamps, certificate validation
32 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Access Service - Highlights
Processes
Storage
…
Infrastructure
OAIS Model
Archive Service - SecDocs
Certified Security Components (ArchiSafe, ArchiSig, Crypto funct.)
Access Service - ASP
Administration of Archive Service
Search and Retrieval
Certification Services
Timestamps, certificate validation
Business Application (e.g. SAP, etc.)
Document Management
(DMS)
Scan Application
Simple Integration – Web Service API
Workflow controlled Ingest
33 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Why Fujitsu SecDocs is an ideal Solution
Neutral long term storage of data, metadata and proof of evidence (OAIS and LTANS)
Transportable proof of evidence bound to data
Service oriented architecture
Long term data availability independent from software and hardware compliant to any regulation
Simple and cost efficient migration even of many archives
Permanent validation of compliance
One cost reducing archive as central consolidated service
Key Functions Key Advantages
According to IETF RFC-4998
LTANS-ERS
34 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery
Thank you for listening!
35 © FUJITSU LIMITED 2014 Thomas Walloschke, Fujitsu Global Delivery