ISO/TS 24574:2025

FINAL DRAFT
Technical
Specification
ISO/DTS 24574.2
ISO/TC 171/SC 1
Document management
Secretariat: BSI
applications — Specification for a
Voting begins on:
digital safe
2025-03-21
Applications en gestion des documents — Spécification pour un
Voting terminates on:
coffre fort numérique
2025-05-16
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
Reference number
ISO/DTS 24574.2:2025(en) © ISO 2025

FINAL DRAFT
ISO/DTS 24574.2:2025(en)
Technical
Specification
ISO/DTS 24574.2
ISO/TC 171/SC 1
Document management
Secretariat: BSI
applications — Specification for a
Voting begins on:
digital safe
Applications en gestion des documents — Spécification pour un
Voting terminates on:
coffre fort numérique
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
© ISO 2025
IN ADDITION TO THEIR EVALUATION AS
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
or ISO’s member body in the country of the requester.
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
ISO/DTS 24574.2:2025(en) © ISO 2025

ii
ISO/DTS 24574.2:2025(en)
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2  Normative references . 1
3  Terms and definitions . 1
4  Digital safe functional specifications . 2
4.1 Key concepts .2
4.2 Implementation functions .3
4.3 Users management .3
4.3.1 General .3
4.3.2 General administrator (USR-G) .3
4.3.3 Functional administrator (USR-F) .4
4.3.4 Standard user (USR-S) .4
4.3.5 Management of functional administrator (USR-F) .4
4.3.6 Management of standard user (USR-S) .4
4.3.7 Users management environment .4
4.4 Digital safe mandatory functions .4
4.5 Invoke functions parameters .5
4.5.1 General .5
4.5.2 Write function .5
4.5.3 Read function .6
4.5.4 Delete function .6
4.5.5 Read technical metadata function .6
4.5.6 Verify function .7
4.5.7 Read audit trail function .7
4.5.8 List function .7
4.5.9 Count function .7
4.6 Function results.8
4.6.1 General .8
4.6.2 Write function .8
4.6.3 Read function .8
4.6.4 Delete function .9
4.6.5 Read technical metadata function .9
4.6.6 Verify function .9
4.6.7 Read audit trail function .10
4.6.8 List function .10
4.6.9 Count function .10
4.6.10 Other functions .11
4.7 Metadata .11
4.7.1 Technical metadata .11
4.7.2 Additional metadata.11
4.8 Version control of DOs .11
4.9 Retention and disposal .11
4.9.1 Retention .11
4.9.2 Disposal . 12
4.10 Secondary hosting . 12
4.11 Backup . . 12
4.12 Storage technology . 12
4.12.1 Storage technology used . 12
4.12.2 Migration . 12
4.13 Security of access, integrity and confidentiality of messages exchanged . 13
4.14 Encryption . 13
4.15 Date format . 13
4.16 Audit trail . 13

iii
ISO/DTS 24574.2:2025(en)
4.16.1 General . 13
4.16.2 Audit trail related to DOs functions . 13
4.16.3 Audit trail content . 13
4.16.4 Audit trail implementation .14
4.17 Integrity of DOs and audit trails .14
4.17.1 Survey of integrity .14
4.17.2 Loss of integrity .14
4.18 L egal or regulatory requirements . .
...

ISO/TSDTS 24574:2025(en).2
First edition
2025-02
ISO/TC 171/SC 1
Secretariat: BSI
Date: 2025-01-3003-20
Document management applications — Specification for a digital safe
Applications en gestion des documents — Spécification pour un coffre fort numérique

ISO/TSDTS 24574.2:2025(en)
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication
may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying,
or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO
at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
E-mail: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
ISO/TSDTS 24574.2:2025(en)
iii
ISO/TSDTS 24574.2:2025(en)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types of
ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent rights
in respect thereof. As of the date of publication of this document, ISO had not received notice of (a) patent(s)
which may be required to implement this document. However, implementers are cautioned that this may not
represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 171, Document management applications,
Subcommittee SC 1, Quality, preservation and integrity of information.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
ISO/TSDTS 24574.2:2025(en)
Introduction
As part of their activities, public organizations and private companies increasingly use digital content, whether
it is produced by these organizations or by others. Digital content includes documents, data, images and sound
that can be referred to as digital objects. These can be natively electronic or result from the digitization of
printed documents.
To meet legal or management requirements, organizations and companies are expected to use trusted
technology to ensure the integrity over time of all types of digital content. Thus, there is a need for software
that can ensure the integrity, confidentiality and availability of the digital objects over time, including office
documents, PDF files, scan results, JPEG pictures, etc.
This document defines the minimum functions of a digital safe:
— maintaining the integrity, confidentiality and availability of digital objects over time;
— preserving the chain of custody;
— managing retention periods or freeze status, making it impossible to delete digital objects during a
determined period;
— defining the minimum elements to allow the transfer of digital objects between two different digital safes;
— defining the minimum elements of traceability of the software operation;
— managing replication of digital objects;
— ensuring the sustainability of business operations, business continuity and disaster recovery;
— defining encryption requirements.
This document is limited to the functions of integrity, traceability, confidentiality and availability of digital
objects of any kind. It does not address the sustainability of digital objects (i.e. the component does not control
and convert the formats in which digital objects are stored).
In order for users to have confidence in their electronic safe, this software should have the same basic
functions and maintain a common minimum of technical metadata, regardless of the software publisher. These
fundamental elements are also necessary conditions to ensure interoperability between several electronic
safes.
This document is intended for:
— software developers or integrators who wish to develop or integrate a digital safe;
— service providers, such as trust service providers of digital storages, who are looking for software to
support their services;
— software publishers who want to have a repository to develop digital safe software;
— consultants and auditors who wish to have a reference document to build or audit an archiving system.
This document is intended to complement other ISO documents that deal with electronic archiving. Annex A
provides a list of these documents and their link to this document.
v
ISO/TSDTS 24574.2:2025(en)
Document management applications — Specification for a digital safe
1 Scope
This document specifies the minimum functional requirements of digital safe software in order to ensure the
integrity, confidentiality and availability of the digital objects it stores.
This document does not address system environments for the operation of the digital safe, such as physical
security (fire extinguishing system, armoured doors, presence detectors, etc.), power supply security
(generators and transformers) or telecommunication lines.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 8601-1, Date and time — Representations for information interchange — Part 1: Basic rules
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
Field Code Changed
— IEC Electropedia: available at https://www.electropedia.org/
3.1
application programming interface
API
collection of invocation methods and associated parameters used by one piece of software to request actions
from another piece of software
[SOURCE: ISO/IEC TR 13066-6:2014, 2.2]
3.2
audit trail
a record of the activity taking place in an information system over a period of time
[SOURCE: ISO/IEC TR 10032:2003, 2,.7].]
3.3
digital safe
DS
component of an information system consisting of software or a combination of software and hardware for
the preservation of digital objects in such conditions as to ensure their long-term integrity
3.4
digital object
DO
bit stream to be preserved
ISO/TSDTS 24574.2:2025(en)
Note 1 to entry: A digital object can contain a file or a group of files, that can be accompanied by metadata, electronic
signatures, electronic seals, digital timestamps or other evidential records.
3.5
digital object identifier
DO_ID
identifier assigned unambiguously to a digital object in a digital safe
3.6
digital safe identifier
DS_ID
identifier of the digital safe assigned unambiguously to it by a technical administrator during the initial
configuration of the digital safe
3.7
hash code
string of bits which is the output of a hash-function (3.8)
[SOURCE: ISO 24534-4:2010, 3.34]
3.8
hash function
function which maps strings of bits of variable (but usually upper bounded) length to fixed-length strings of
bits, satisfying the following two properties:
— for a given output, it is computationally infeasible to find an input which maps to this output;
— for a given input, it is computationally infeasible to find a second input which maps to the same output
[SOURCE: ISO/IEC 11770-4:2017, 3.9, modified — Note 1 to entry was removed.]
3.9
user
USR
person or software that interacts with the digital safe
Note 1 to entry: There are three types of users: general administrator (USR-G), functional administrator (USR-F) and
standard user (USR-S). Their roles are defined in 4.3.
3.10
user identifier
USR_ID
identifier assigned unambiguously to a user of the digital safe
3.11
user identifier of the digital object
DO_USR_ID
identifier assigned to a digital object by a user
4 Digital safe functional specifications
4.1 Key concepts
The functional specifications of the digital safe are bundled into:
— management of users (4.3);
ISO/TSDTS 24574.2:2025(en)
— 8 functions that allow the management of digital objects (from 4.4 to 4.6);
— additional requirements (from 4.7 to 4.17).
The 8 functions on the DOs allow interoperability between digital safes.
The other requirements ensure that the digital safe has the minimum characteristics to ensure the protection
of DOs, that is to say, to ensure their integrity, availability and confidentiality.
Figure 1 shows the mechanism of the invocation functions and the mechanism of retrieving results.

Figure 1 — Functional entities of a digital safe
4.2 Implementation functions
All functions can be implemented either with a human interface or with an application programming interface
(API).
ISO/TSDTS 24574.2:2025(en)
4.3 Users management
4.3.1 General
The digital safe shall be able to manage, at a minimum, the three types of users in 4.3.2, 4.3.3 and 4.3.4.
4.3.2 General administrator (USR-G)
A general administrator is authorized to create or remove functional administrators (USR-F).
A USR-G shall not be able to access DOs stored in the digital safe.
At least one USR-G shall exist when the digital safe is created.
The digital safe may contain multiple users with USR-G role.
4.3.3 Functional administrator (USR-F)
The functional administrator (USR-F) is only authorized to create, modify and remove standard users (USR-
S).
A USR-F shall not be able to access DOs stored in the digital safe.
The digital safe may contain multiple users with USR-F role.
4.3.4 Standard user (USR-S)
Each USR-S shall have a profile.
A profile indicates, for each function of the digital safe linked to DOs, whether a user is allowed to perform this
function.
For each function of the digital safe linked to DOs, Table 1 describes the basic profile.
Table 1 — USR-S profile
a
Functions AuthorizationAuthorization
Write Yes / No
Read Yes / No
Delete Yes / No
Read technical metadata Yes / No
Verify Yes / No
Read audit trail Yes / No
List Yes / No
Count Yes / No
By default, when creating a USR-S, all authorizations shall be set to “No”.
a
By default, when creating a USR-S, all authorizations shall be set to “No”.
ISO/TSDTS 24574.2:2025(en)
4.3.5 Management of functional administrator (USR-F)
This function is used to create, deactivate and reactivate a functional administrator (USR-F).
Only the general administrator (USR-G) shall be able to perform this function.
4.3.6 Management of standard user (USR-S)
This function is used to create, deactivate and reactivate a USR-S.
Only the functional administrator (USR-F) shall be able to perform this function.
4.3.7 Users management environment
The user management should be independent from the operating system.
4.4 Digital safe mandatory functions
At a minimum, a digital safe shall have the 8 functions listed in Table 2:
— functions 1 to 5 relate to a single DO;
— functions 6 to 8 can relate to one, more than one, or all DOs in a digital safe.
Table 2 — Digital safe functions
N° Function Description
1 Write This function is used to write a DO in the digital safe after verification of the
user’s write rights.
2 Read This function is designed to retrieve a full copy of a DO held in the digital safe.
3 Delete This function is used to render a DO preserved in the digital safe inaccessible
and to remove it from the digital safe. This function includes:
— destruction of the DO without any possibility of reconstruction;
— destruction of technical metadata and any link within the digital safe to or
from this DO.
— destruction of the DO without any possibility of reconstruction;

Functions
— destruction of technical metadata and any link within the digital safe
that apply
to or from this DO.
to one DO
only
The DO_ID shall not be used for another DO.
All records in the audit trail linked to this destroyed DO are not affected by
this destruction (all records in the audit trail for this DO are retained).
4 Read This function is used to retrieve the technical metadata, as defined in 4.7,
technical associated with a DO preserved in the digital safe.
metadata
5 Verify This function is used to verify the existence and integrity of a preserved DO in
the digital safe.
Verification concerns the existence of a DO in the digital safe and non-
...

FINAL DRAFT
Technical
Specification
ISO/DTS 24574
ISO/TC 171/SC 1
Document management
Secretariat: BSI
applications — Specification for a
Voting begins on:
digital safe
2024-10-28
Applications en gestion des documents — Spécification pour un
Voting terminates on:
coffre fort numérique
2024-12-23
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
Reference number
ISO/DTS 24574:2024(en) © ISO 2024

FINAL DRAFT
ISO/DTS 24574:2024(en)
Technical
Specification
ISO/DTS 24574
ISO/TC 171/SC 1
Document management
Secretariat: BSI
applications — Specification for a
Voting begins on:
digital safe
Applications en gestion des documents — Spécification pour un
Voting terminates on:
coffre fort numérique
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
© ISO 2024
IN ADDITION TO THEIR EVALUATION AS
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
or ISO’s member body in the country of the requester.
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
ISO/DTS 24574:2024(en) © ISO 2024

ii
ISO/DTS 24574:2024(en)
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2  Normative references . 1
3  Terms and definitions . 1
4  Digital safe functional specifications . 3
4.1 Key concepts .3
4.2 Implementation functions .3
4.3 Users management .3
4.3.1 General .3
4.3.2 General administrator (USR-G) .3
4.3.3 Functional administrator (USR-F) .4
4.3.4 Standard user (USR-S) .4
4.3.5 Management of functional administrator (USR-F) .4
4.3.6 Management of standard user (USR-S) .4
4.3.7 Users management environment .4
4.4 Digital safe mandatory functions .5
4.5 Invoke functions parameters .5
4.5.1 General .5
4.5.2 Write function .5
4.5.3 Read function .6
4.5.4 Delete function .6
4.5.5 Read technical metadata function .6
4.5.6 Verify function .7
4.5.7 Read audit trial function .7
4.5.8 List function .7
4.5.9 Count function .7
4.6 Function results.8
4.6.1 General .8
4.6.2 Write function .8
4.6.3 Read function .8
4.6.4 Delete function .9
4.6.5 Read technical metadata function .9
4.6.6 Verify function .9
4.6.7 Read audit trail function .10
4.6.8 List function .10
4.6.9 Count function .10
4.6.10 Other functions .11
4.7 Metadata .11
4.7.1 Technical metadata .11
4.7.2 Additional metadata.11
4.8 Version control of DOs .11
4.9 Retention and disposal .11
4.9.1 Retention .11
4.9.2 Disposal .11
4.10 Secondary hosting . 12
4.11 Backup . . 12
4.12 Storage technology . 12
4.12.1 Storage technology used . 12
4.12.2 Migration . 12
4.13 Security of access, integrity and confidentiality of messages exchanged . 13
4.14 Encryption . 13
4.15 Date format . 13
4.16 Audit trial . 13

iii
ISO/DTS 24574:2024(en)
4.16.1 General . 13
4.16.2 Audit trail related to DOs functions . 13
4.16.3 Audit trail content . 13
4.16.4 Audit trail implementation .14
4.17 Integrity of DOs and audit trails .14
4.17.1 Survey of integrity .14
4.17.2 Loss of integrity .14
4.18 Legal or regulatory requirements . .
...

© ISO #### – All rights reserved
1 ISO/DTS 24574
2 ISO/TC 171/SC 1/WG12
3 Secretariat: BSI
4 Date: 2024-10-14
5 Document management applications - — Specification for a digital
6 safe
8 DTS stage
10 Warning for WDs and CDs
11 This document is not an ISO International Standard. It is distributed for review and comment. It is subject to
12 change without notice and may not be referred to as an International Standard.
13 Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of
14 which they are aware and to provide supporting documentation.
15 To help you, this guide on writing standards was produced by the ISO/TMB and is available at
16 A model manuscript of a draft International Standard (known as “The Rice Model”) is available at
ISO #####-#:####(X)
Applications en gestion des documents — Spécification pour un coffre fort numérique
2 © ISO #### – All rights reserved

ISO/DTS 24574:(en)
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication
may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying,
or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO
at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. Phone: + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail: copyright@iso.org
Website: www.iso.orgwww.iso.org

Published in Switzerland
iii
ISO/DTS 24574:(en)
Contents
Foreword . v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Digital safe functional specifications . 3
4.1 Key concepts . 3
4.2 Implementation functions . 4
4.3 Users management . 4
4.4 Digital safe mandatory functions . 5
4.5 Invoke functions parameters . 6
4.6 Function results . 9
4.7 Metadata . 13
4.8 Version control of DOs . 13
4.9 Retention and disposal . 14
4.10 Secondary hosting . 14
4.11 Backup . 14
4.12 Storage technology . 14
4.13 Security of access, integrity and confidentiality of messages exchanged . 15
4.14 Encryption . 15
4.15 Date format . 15
4.16 Audit trial . 16
4.17 Integrity of DOs and audit trails . 17
4.18 Legal or regulatory requirements . 17
5 Documentation . 17
5.1 Technical manual . 17
5.2 System version . 19
5.3 Installation, operation, and user manuals . 20
5.4 Terminology . 20
6 Implementation . 20
Annex A (informative) Relation between this document and other standards dealing with
archiving . 20
Bibliography . 26

iv
ISO/DTS 24574:(en)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types of
ISO documentsdocument should be noted. This document was drafted in accordance with the editorial rules
of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawnISO draws attention to the possibility that some of the elementsimplementation of this
document may beinvolve the subjectuse of (a) patent(s). ISO takes no position concerning the evidence,
validity or applicability of any claimed patent rights in respect thereof. As of the date of publication of this
document, ISO had not received notice of (a) patent(s) which may be required to implement this document.
However, implementers are cautioned that this may not represent the latest information, which may be
obtained from the patent database available at www.iso.org/patents. ISO shall not be held responsible for
identifying any or all such patent rights. Details of any patent rights identified during the development of the
document will be in the Introduction and/or on the ISO list of patent declarations received (see ).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation onof the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT)), see the following URL:
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 171, [name of committee],Document
management applications, Subcommittee SC ##, [name of subcommittee]. 1, Quality, preservation and integrity
of information.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.htmlA list of all parts in the ISO #####
series can be found on the ISO website.

.
v
ISO/DTS 24574:(en)
Introduction
As part of their activities, public organizations and private companies increasingly use digital content, whether
it is produced by these organizations or comesby others. Digital content includes documents, data, images and
sound that can be referred to as digital objects. These can be natively electronic or result from other
organizations. the digitization of printed documents.
To meet legal or management requirements, theyorganizations and companies are expected to use trusted
technology to ensure the integrity over time of all types of digital content such as documents, data, images and
sound. This digital content can be referred to as digital objects, which can be natively electronic or result from
the digitization of printed documents.
For that reason. Thus, there is a need for software that can ensure the integrity, confidentiality and availability
of the digital objects over time, including office documents, PDF files, scan results, JPEG pictures, etc.
This document defines the minimum functions of a digital safe:
— maintainmaintaining the integrity, confidentiality and availability of digital objects over time,;
— preservepreserving the chain of custody,;
— managemanaging retention periods or freeze status making it impossible to delete digital objects during
a determined period,;
— defining the minimum elements to allow transfer of digital objects between two different digital safes,;
— definedefining the minimum elements of traceability of the software operation,;
— managemanaging replication of digital objects,;
— ensureensuring sustainability of business operations, business continuity/ and disaster recovery, and;
— definedefining encryption requirements.
As thisThis document is limited to the functions of integrity, traceability, confidentiality and availability of
digital objects of any kind, it. It does not address sustainability of digital objects (i.e. the component does not
control and convert the formats in which digital objects are stored).
In order for users to have confidence in their electronic safe, this software should have the same basic
functions and maintain a common minimum of technical metadata, regardless of the software publisher. These
fundamental elements are also the necessary condition to ensure interoperability between several electronic
safes.
This document is intended for:
— software developers or integrators of a such solution who wish to develop or integrate a digital safe,;
— service providers like, such as trust service providers of digital storages, who isare looking for software to
support their services,;
— software publisherpublishers who wants to have a repository to develop digital safe software,;
— consultants and auditors, who wisheswish to have a reference document to build or audit an archiving
system or audit this type of system.
vi
ISO/DTS 24574:(en)
ISO TS 24574 ISOThis document is intended to complement other ISO documents that deal with electronic
archiving. Annex AAppendix A provides a list of these documents and ISO TS 24574's linkstheir link to
themthis document.
vii
ISO/DTS 24574:(en)
Document management applications — Specification for a digital safe
1 Scope
This document specifies the minimum functional requirements of digital safe software in order to ensure the
integrity, confidentiality and availability of the digital objects it stores.
A digital safe is a software package operating on one or more hardware platforms.
This document does not address system environments that can be necessary for the operation of the digital
safe, such as physical security (fire extinguishing system, armoured doors, presence detectors, etc.), power
supply security (generators and transformers) or telecommunication lines.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 8601-1, Date and time - — Representations for information interchange — Part 1: Basic rules
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— — ISO Online browsing platform: available
...