The increasingly quicker “virtualisation” of business processes and documents in electronic form results in new challenges that did not exist in the “old world” of paper documents - or were at least significantly milder:
Thus, both the administration and companies face the challenge of having to guarantee the readability, availability, integrity, and authenticity for increasing numbers of data and documents created, processed, and stored electronically, even in the distant future.
With the Technical Guideline BSI-TR 03125 “Preservation of Evidence of Cryptographically Signed Documents", BSI is providing a guide that describes how electronically signed data and documents can be stored in a trustworthy manner in the sense of legally valid preservation of evidence over long periods of time - until the end of the retention periods.
In doing so, TR 03125 is not intended to replace known and established requirements and definitions. Rather, the requirements for proper preservation must be complied with for electronically signed documents, too. They are a pre-requisite for TR 03125. The Reference Architecture of TR 03125 is thus not to be understood as a replacement for an archive system, but rather as a middleware that describes a possible execution of the requirements for the legally valid preservation of evidence of cryptographically signed documents during the legally required retention period.
The Technical Guideline is intended primarily for federal agencies. Furthermore, the Technical Guideline is a recommendation, because the need for the legally compliant preservation of evidence of cryptographically signed documents is increasingly gaining importance in nearly all public and private sectors. Electronic documents in the health care sector or medication approvals, electronic invoices and receipts in day-to-day business transactions, civil registers, digital technical documents for the type certificates of aeroplanes, and many other areas require adequate solutions in the scope of the advancing digitalisation of business processes. Even these few examples show the great relevance of the preservation of evidence of electronic documents.
In doing so, BSI used the following design criteria:
Concretely, this Technical Guideline describes a differentiated catalogue of obligatory (shall), recommended (should), and optional (can) requirements with regard to all elements and areas in which there is a need to design in order for agencies and institutions to develop effective, sustainable, and economical technical scenarios for the storage of electronically signed documents and data with the preservation of evidence.
These are primarily
Now, providers and product manufacturers can develop solutions the comply with this Guideline on the basis of the specifications at hand.