電子檔案長期安全機制架構

Long Term Security Framework for Electronic Archives

電子檔案（eArchives）具有容易拷貝且不易分辨複本（copy）與原本（origin）的特性，而基於具機敏性之電子檔案的長期保存需求，諸如機密性（confidentiality）、完整性（integrity）、鑑別性（authenticity）、不可否認性（non-repudiation）等所面臨之長期安全（long term security）議題日益受到重視。本文首先指出所採用密碼學技術的長期安全需求，並探討實務上所面臨之金鑰管理、憑證效期屆滿與廢止、密碼學技術安全分析與破密進展等安全威脅問題。隨後，本文將分別提出技術面與管理面的建議方案，使得電子檔案仍能持續保有長期安全之需求。

Electronic archives (eArchives for short) have the characteristics that are easy to be copied, and hard to be distinguished from the origin and its copy. Due to the long term preservation requirements for confidential (or sensitive) eArchives, issues on long term security for archives confidentiality, integrity, authenticity, and non-repudiation are more and more important to be considered. This article first addresses the long term security requirements for the adopted cryptographic techniques, and investigates some practical security problems on key management, certificate expiration and revocation, security analysis for cryptographic techniques and cryptanalysis progress. Subsequently, we will suggest possible approaches from technical and management aspects, respectively, for the provision of long term security for eArchives.