Library and Archives Canada
Symbol of the Government of Canada

Institutional links

Government

Previous | Table of Contents | Next

8. Details of Individual Metadata Elements

8.21 Encryption Description

Attributes

Attribute

Value

Identifying Attributes

Name

encryptionDescription

Label

Encryption Description

Defined by

Government of Canada Records Management Metadata Standard - encryptionDescription

Element URI

[To be actioned by Treasury Board of Canada, Secretariat before publication]

Definitional Attributes

Definition

Information or pointers to information, about how a record is systematically scrambled.

Purpose

To enable decryption (and hence, access) if the record is stored in the EDRMS in an encrypted state.

To enable re-encryption if the record is stored in the EDRMS in a decrypted state, but needs to be moved to another EDRMS or location.

Rationale

"The regulatory environment, in which the organization operates, establishes broad principles on access rights, conditions or restrictions that should be incorporated into the operation of records systems…Records may contain personal, commercial or operationally sensitive information. In some cases, access to the records, or information about them, should not be permitted….Ensuring appropriate access controls is done by assigning access status to both records and individuals." ISO International Standard 15489-1, s. 9.7

"Managing the access process involves ensuring that:
a) records are categorized according to their access status at a particular time,
b) records are only released to those who are authorized to see them,
c) encrypted records can be read as and when required and authorized,
d) records processes and transactions are only undertaken by those authorized to perform them, and
e) parts of the organization with responsibility for particular business functions specify access permissions to records relating to their area of responsibility." ISO International Standard 15489-1, s. 9.7

"Control measures such as access monitoring, user verification, authorized destruction and security should be implemented to prevent unauthorized access, destruction, alteration or removal of records." ISO International Standard 15489-1, s. 8.2.3

"Key elements of security metadata, such as basic access rights or restrictions, should be identified and applied at the point of record creation and capture in order to facilitate a record's ongoing preservation and management." ISO Technical Specification 23081-1, s. 9.2.4.1

Value Domain

Non-enumerated strings of text.

Datatype Name

String

Constraint

Applicable at record level only.

Obligation

Optional at record level.

Relational Attributes

Encoding Scheme

-

References

-

Linkages

Encryption Status

Conditions of Application - Record

Format

Free text

Modifiable

Pre Record Declared Locked

Post Record Declared Locked

Yes

Yes, by authorized official only.

Occurrence

Not repeatable

Conditions of Application - File

Format

-

Modifiable

-

Occurrence

-

Comments and Guidance

a) Explanation of Definition/Usage

This element can be used either to record the encryption details themselves (if the EDRMS is considered sufficiently secure), or to record the location of the encryption details that are stored outside the EDRMS.

b) Best Practices

If encryption is used, details need to be recorded about the public and private keys, and the Certification Authority which has authorized, and which vouches for, the identity of the key holders. These details are required in order to restrict or enable access to the encrypted record.

It is recommended that information regarding private keys never be held within the EDRMS.

It is important for an institution to understand that encryption affects the information management lifecycle of a record, in that future use of the record will rely on the encryption key that is applied to that record. Further, transfer of the record may require decryption. Institutions are encouraged to create business rules to ensure procedures are in place to decrypt a record in a timely fashion.

Once an encrypted record is locked and the description supplied, the value of this element may be modified by an authorized official only. Such modification may be necessary, as stated above, to provide details about decrypting a record for transfer to Library and Archives Canada. Alternatively, in some cases, a locked non-encrypted record may need to be encrypted for transfer outside the GC; the details of the encryption would then have to be recorded in this element.

It is important to note that in the cases cited above, both the metadata record and the record itself are actually being modified.

c) Obligation

This element is descriptive in nature and therefore is optional; it is not a core records management requirement.


d) Default Values/Auto-populate

The contents of this element will be unique to the situation; hence, it cannot be defaulted or auto-populated.

e) Linkages

This element is intrinsically linked to the Encryption Status element.

f) Examples

  1. "PKI"

  2. "Institution's Security Division"

Previous | Table of Contents | Next