ASME Y14-42 pdf free download

ASME Y14-42 pdf free download DIGITALAPPROVAL SYSTEMS
2.1.3 Manual Drawings. Manually prepared and approved drawings and associated documents may be exempt from the requirements of this Standard. When manually prepared and approved drawings are con- verted to digital file formats, the use ofa digital approval indicator should be considered for future revisions.
2.1.4 Printouts of Digital Documents. Hard copy printouts of digital drawings shall contain dated indica- tion that the document has been approved.
2.1.5 Digital Copies of Digital Documents. When approval indicators reside in separate documents and are hyperlinked to the digital drawing, the approval indicators shall be affixed to the digital copy of the document.
2.2 Authentication and Verification of Approval Indicators Authentication applies to the validation of the approval indicator. Verification of an approval indicator applies to the validation of the approval process.
2.2.1 Authentication. A system of authentication shall be developed to ensure theaccuracyoftheapproval indicator. The authentication of an approval indicator is the process that validates the unique association of the owner of the indicator to the indicator. Methods for user authentication may be extended to provide approval indicators by combining them with cryptographic tech- niques of various kinds. Examples of technologies that have been developed for user authentication include: password systems, cryptographic systems, and biomet- rics identification methods.
2.2.2 Verification. Approval indicator verification is a process whereby all users of a document are assured that an authentic approval indicator has been used. In general, the document, the approval indicator, and other information, such as cryptographic keys or biometrics templates, may be used.
2.3 Security The digital approval system shall be protected with a security system that protects both the system and the data within the system from unauthorized access or modification.
2.3.1 Integrity. The digital approval system shall identifyvalid approvals ofthe data. The approval indica- tor shall not be applied without authorization. The sys- tem shall also identify what is approved. Alteration of either the approved document or the approval indicator should be detectable by the digital approval system.
2 2.3.2 Non-Repudiation. The digital approval system shall provide the necessary integrity and ability to authenticate the signature(s) such that the signature(s) cannot be repudiated. When documents are transported to another system(s), the integrity of the document, including its contents, approval indicators, approval indicator attributes, and document attributes, shall be maintained.
2.3.3 Authority. The system shall have a verifiable authority to create and distribute approval indicators. A unique authorization identity is issued to each approver.
2.3.4 Protecting Approval Indicator Information. Protection and control of approval indicator information, and the media or device in which it is contained, shall be a key ingredient of the system’s security.
2.3.4.1 Active Documents. Approval indicator information shall be maintained current, accessible, and fully functional as long as the document to which it is applied is considered active. This also applies when media or device systems protocols migrate (i.e., as sys- tems update or change).
2.3.4.2 Inactive Documents. Approval indicator information that has been applied to documents no longer active should be fully accessible. Migration of active media or device systems should retain the capa- bility to recognize and validate approval indicator infor- mation applied to archived documents. This may be achieved through either continuous protocol updates to archived documents or“backwardcompatible” capabili- ties of migrated active media or device systems.
2.3.5 User Authentication With Passwords. For the purposes of this Standard, when a password system is used, the user shall control the password.
2.3.5.1 Password Over a Network. When a password is communicated over a network, the password shall be encrypted or physical appliances used, or both, to prevent unauthorized interception.
2.3.5.2 Password Criteria. Systems using passwords shall establish criteria that will ensure security of the system and its data. The following factors should be considered: