We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJailyn Slawson
Modified about 1 year ago
11 June 2004© 2004 Wimmer Systems, Inc. 1 Cryptography Facilitates Record Security and Integrity Presented By Derek Wimmer President Wimmer Systems, Inc. P.O. Box 739 Liberty, Missouri 64069
© 2004 Wimmer Systems, Inc.2 11 June 2004 Presenter Background Derek Wimmer Microbiologist and Quality Assurance Auditor in the Pharmaceutical Industry 1994 - 1999 Software vendor specializing in 21 CFR 11 solutions 1999 - present DaCS™ First commercial Part 11 solution specifically for Microsoft® Excel In production use since 2001 Used by major pharmaceutical companies worldwide Utilizes cryptographic methods to help ensure electronic record security and integrity
© 2004 Wimmer Systems, Inc.3 11 June 2004 Topic of Presentation What requirements would preserve record security and integrity and ensure that records are suitable for inspection, review, and copying by the agency?
© 2004 Wimmer Systems, Inc.4 11 June 2004 Preserving Record Security and Integrity Preservation During use period (within the electronic record system) During retention period (within archives and outside the system) During submission period (outside owner’s control) USAGE RETENTIONSUBMISSION
© 2004 Wimmer Systems, Inc.5 11 June 2004 Preserving Record Security and Integrity Security - preventing alteration Active controls Limiting access to record Limiting ability to alter Relies on physical or computerized controls Passive controls Ability to detect alteration Threat of repercussions Relies on psychological controls (deterrence)
© 2004 Wimmer Systems, Inc.6 11 June 2004 Integrity - means of ensuring fidelity (detecting alteration) Reference Compare to “master” copy Master copy must be available Fingerprinting Compare to mathematical transformation or cryptographic method Method must be available to do so Preserving Record Security and Integrity
© 2004 Wimmer Systems, Inc.7 11 June 2004 DaCS™ Integrity Check Methodology PASSFAIL A0-13-C4-DE B6-09-FF-01A0-13-C4-DE = 1. Generate secure digital signature of file data. 2. Embed digital signature in file. 3. Later, excise signature and generate new signature of file data. 4. Compare new signature to embedded signature.
© 2004 Wimmer Systems, Inc.8 11 June 2004 Suitable for Inspection, Review, and Copying by the Agency Must be able to remove the record from the system You can’t rely on system’s controls to provide security and integrity May require conversion of the record to different and unknown formats Record is out of the owner’s control
© 2004 Wimmer Systems, Inc.9 11 June 2004 Why Cryptographic Fingerprinting Methods Meet Requirements Preservation Fingerprint can be archived or transmitted with record Does not require control system to maintain Security Deters record alteration by virtue of being able to detect alteration Secure cryptographic methods are available Integrity Allows verification of record fidelity Suitability for Inspection Activities Independent of control system Allows for portability of records
© 2004 Wimmer Systems, Inc.10 11 June 2004 Burden of Requirement Technological burden is LOW Secure algorithms and methods are publicly available ...are already built into commercial operating systems ...can be used for no licensing cost …have been commonly used in multiple applications …infrastructure for some applications already built Implementation burden is REASONABLE Must put resources into applying methods to records May require implementing new or existing infrastructure Burden is LESS THAN no requirement Clarifies acceptable methods Reduces need for resource-intensive controls Burden can be REDUCED by Application of public/free methodologies Use of commercial systems Spreading burden over large number of systems
Cryptography and Network Security (CS435) Part One (Introduction)
Cryptography and Network Security Chapter 1. Background Information Security requirements have changed in recent times traditionally provided by physical.
DIGITAL SIGNATURE. CAN ELECTRONIC DATA BE TRUSTED? Accuracy and Authenticity Decisions regarding Environmental Health and Impact Security Protection.
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Digital Watermarking Rob Farraher Ken Pickering Lim Vu.
John F Murray Jr 1 Part 11, Electronic Records; Electronic Signatures John F. Murray Jr. U.S. Food and Drug Administration Center for Devices and Radiological.
What happens to Your Thesis after Examination? David Howard: Manager Library Collections and Access. October 2010.
Security of Electronic Records 29th Meeting of the ICA / SIO Geneva -13 May 2003 Milovan Misic.
Project co-financed by European Union Project co- financed by Asean European Committee for Standardization Implementing Agency1 GMP Workshop Kuala Lumpur.
FDA Part 11 Public Meeting Part 11 Simplification, and a Return to the Original Intent Presented By: Martin Browning, EduQuest, Inc.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Kyle McDuffie, Vice President Beckman User Meeting 2001 Delaware. Orlando. Holland. UK Instrument Integration and Regulatory Compliance.
Deck 10 Accounting Information Systems Romney and Steinbart Linda Batch March 2012.
CPS ® and CAP ® Examination Review OFFICE ADMINISRATION, Fifth Edition By Schroeder and Graf ©2005 Pearson Education, Inc. Pearson Prentice Hall Upper.
1 MD&M East 98 Conference New York June 1998 Presentation by Daniel E. Worden PRACTICAL APPROACHES TO ELECTRONIC SIGNATURES.
You Can’t Get There From Here! Prof. Neil Barrett BCS Oxford – 29 th Nov
Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.
COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Authentication of the Federal Register Charley Barth Director, Office of the Federal Register United States Government.
Meganet Corporation VME Sign Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
Digital image processing is the use of computer algorithms to perform image processing on digital images which is a subfield of digital signal processing.
The world leader in serving science Overview of Thermo 21 CFR Part 11 tools Overview of software used by multiple business units within the Spectroscopy.
Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
National Archives of Australia Digital Preservation Update Cornel Platzer Director Digital and Audiovisual Preservation.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Confidential CFR Part 11 Public Meeting The Role of the Technology Provider in the Pharmaceutical Industry Jean Paty, Ph.D. Co-founder.
Trusted Electronic Transactions. Why conduct transactions electronically? Three Characteristics that ensure trust in electronic transactions How.
Institutional Repositories July 2007 DIGITAL CURATION creating, managing and preserving digital objects Dr D Peters DISA Digital Innovation South.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CROMERR Applied to Industrial Pretreatment Linko Data Systems, Inc. PretreatmentPretreatment & Fats Oil and Grease SoftwareFats Oil and Grease Software.
Security Services ECE Lecture 1. Need for information security widespread use of data processing equipment: computer security widespread use of.
GMP Document and Record Retention GMP Document and Record Retention.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Microsoft Confidential Solution Overview: Foxit Software Corporation’s PDF Security Suite.
Using Public Key Cryptography Key management and public key infrastructures.
1 Digital Preservation Testbed Database Preservation Issues Remco Verdegem Bern, 9 April 2003.
Applied Cryptography for Network Security CS 592 University of Colorado at Colorado Springs by Jugal Kalita.
Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.
@ulccwww.ulcc.ac.uk IRMS Cymru October 2015 From EDRMS to digital archive: a wish-list for ways to preserve digital records.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Persistent Digital Archives and Library System (PeDALS) Dennis Bitterlich, Electronic Records Archivist.
The world leader in serving science OMNIC DS & Thermo Security Administration 21 CFR Part 11 Tools for FT-IR and Raman Spectroscopy.
© 2017 SlidePlayer.com Inc. All rights reserved.