Document management — Trustworthy storage system (TSS) — Functional and technical requirements

Gestion des documents — Système de stockage fiable (TSS) — Exigences fonctionnelles et techniques

General Information

Status
Not Published
Current Stage
5020 - FDIS ballot initiated: 2 months. Proof sent to secretariat
Start Date
11-May-2022
Completion Date
11-May-2022
Ref Project

Buy Standard

Draft
REDLINE ISO/PRF TS 18759 - Document management — Trustworthy storage system (TSS) — Functional and technical requirements Released:5/11/2022
English language
32 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/PRF TS 18759 - Document management — Trustworthy storage system (TSS) — Functional and technical requirements Released:5/11/2022
English language
32 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

Style Definition
...
Style Definition
...
Style Definition
...
Style Definition
...
Style Definition
...
ISO TC 171/SC 2
Style Definition
...
Date: 2022-03-2505-10
Style Definition
...
ISO/TS 18759:2022
Style Definition
...
ISO TC 171/SC 2/WG 11
Style Definition
...
Style Definition
Secretariat: ANSI ...
Style Definition
...

Document management — Trustworthy storage system (TSS) functional— Functional and

technical requirements
Style Definition
...
Style Definition

Gestion des documents — Système de stockage fiable (TSS) — Exigences fonctionnelles et techniques du

...
système de stockage fiable (TSS)
Style Definition
...
Style Definition
...
Style Definition
...
Style Definition
...
Style Definition
...
Style Definition
...
Style Definition
...
© ISO 2022
Style Definition
...
Style Definition

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no ...

part of this publication may be reproduced or utilized otherwise in any form or by any means,

Style Definition
...

electronic or mechanical, including photocopying, or posting on the internet or an intranet, without

Style Definition
...

prior written permission. Permission can be requested from either ISO at the address below or

Formatted
ISO's member body in the country of the requester. ...
Formatted
...
ISO Copyright Office
Formatted
...
CP 401 • CH-1214 Vernier, Geneva Formatted
...
Formatted
...
Phone: + 41 22 749 01 11
Formatted
...
Fax: + 41 22 749 09 47 Formatted
...
Formatted
...
Email: copyright@iso.org
Formatted
...
Email: copyright@iso.org Formatted
...
Formatted
...
Website: www.iso.orgwww.iso.org
Formatted
...
Published in Switzerland.
Formatted
...
Formatted
...
Formatted
...
Formatted
...
Formatted
...
Formatted
...
Formatted
...
Formatted
...
---------------------- Page: 1 ----------------------
ISO/DIS 18759:2018(E)
Contents Page

Foreword .................................................................................................................................................................................................................................... iv

Introduction ................................................................................................................................................................................................................................. v

1 Scope ............................................................................................................................................................................................................................ 6

2 Normative references ............................................................................................................................................................................................ 6

3 Terms and definitions ........................................................................................................................................................................................... 6

3.1 .................................................................................................................................................................................................................................. 6

trusted system .......................................................................................................................................................................................................... 6

3.2 Terms related to electronically stored information (ESI) ...................................................................................................... 7

electronically stored information (ESI)........................................................................................................................................................... 7

3.2.1 ............................................................................................................................................................................................................ 7

changeable electronically stored information ............................................................................................................................ 7

3.2.2 ............................................................................................................................................................................................................ 7

immutable electronically stored information ............................................................................................................................. 7

3.2.3 ............................................................................................................................................................................................................ 7

immutable-ESI preservation period immutable-ESI retention period ............................................................................. 7

3.2.4 ............................................................................................................................................................................................................ 7

retained-ESI ............................................................................................................................................................................................. 7

3.2.5 ............................................................................................................................................................................................................ 7

expired-ESI .............................................................................................................................................................................................. 7

3.2.6 ............................................................................................................................................................................................................ 7

retention expiration date and time preservation expiration date and time .................................................................... 7

3.2.7 ............................................................................................................................................................................................................ 8

retention preservation target expiration date and time ......................................................................................................... 8

3.3 .................................................................................................................................................................................................................................. 8

deletion-hold ............................................................................................................................................................................................................. 8

3.4 .................................................................................................................................................................................................................................. 8

access-hold ................................................................................................................................................................................................................ 8

3.5 .................................................................................................................................................................................................................................. 8

modification-hold ................................................................................................................................................................................................... 8

3.6 .................................................................................................................................................................................................................................. 8

application ................................................................................................................................................................................................................. 8

3.7 .................................................................................................................................................................................................................................. 8

legal hold litigation hold ....................................................................................................................................................................................... 8

3.8 .................................................................................................................................................................................................................................. 8

ransomware .............................................................................................................................................................................................................. 8

4 TSS concepts and functional requirements ................................................................................................................................................... 9

4.1 Overview .................................................................................................................................................................................................. 9

4.2 TSS concepts ......................................................................................................................................................................................... 10

4.2.1 General .................................................................................................................................................................................... 10

4.2.2 Immutable-ESI ...................................................................................................................................................................... 10

4.2.3 Changeable-ESI ..................................................................................................................................................................... 10

4.3 ESI preservation .................................................................................................................................................................................. 11

4.4 Immutable-ESI preservation period............................................................................................................................................. 11

4.4.1 Overview ................................................................................................................................................................................. 11

4.5 ESI deletion............................................................................................................................................................................................ 12

4.6 TSS functional requirements .......................................................................................................................................................... 13

5 TSS ESI lifecycle management technical requirements........................................................................................................................... 15

5.1 General .................................................................................................................................................................................................... 15

5.2 TSS ESI security, protection and hold restrictions requirements ..................................................................................... 16

5.2.1 General .................................................................................................................................................................................... 16

5.2.2 TSS ESI security requirements ....................................................................................................................................... 16

5.2.3 TSS ESI hold restriction requirements ........................................................................................................................ 17

5.2.4 TSS ESI protection requirements (Optional) ............................................................................................................. 19

5.2.5 TSS ESI deletion requirements ....................................................................................................................................... 20

5.3 Changeable-ESI (writeable-ESI) requirements ........................................................................................................................ 20

5.4 TSS immutable-ESI requirements ................................................................................................................................................. 21

5.5 TSS retained-ESI requirements ...................................................................................................................................................... 22

5.6 TSS expired-ESI requirements ....................................................................................................................................................... 23

ii © ISO 2018 – All rights reserved
---------------------- Page: 2 ----------------------

5.7 Immutable-ESI retention period ................................................................................................................................................... 23

5.7.1 General .................................................................................................................................................................................... 23

5.7.2 Immutable-ESI retention period requirements ....................................................................................................... 23

5.7.3 Immutable-ESI permanent-retention period ............................................................................................................ 24

5.7.4 Immutable-ESI fixed-retention period ........................................................................................................................ 24

5.7.5 Immutable-ESI hybrid-retention period ..................................................................................................................... 25

5.7.6 Immutable-ESI indefinite-retention period ............................................................................................................... 26

6 TSS integration and management interfaces .............................................................................................................................................. 27

7 TSS integrity, auditing, security requirements .......................................................................................................................................... 27

7.1 Storage security ................................................................................................................................................................................... 27

7.2 ESI encryption ...................................................................................................................................................................................... 28

7.3 Secure delete and erasure ............................................................................................................................................................... 28

7.4 Immutable-ESI integrity checks .................................................................................................................................................... 28

7.5 Redundancy and replication ........................................................................................................................................................... 28

7.6 Storage migration and upgrades ................................................................................................................................................... 29

7.7 Auditability............................................................................................................................................................................................ 29

7.7.1 General .................................................................................................................................................................................... 29

7.7.2 TSS audit capabilities ......................................................................................................................................................... 29

7.7.3 TSS audit trail ....................................................................................................................................................................... 29

8 TSS technical methods for trusted storage .................................................................................................................................................. 30

8.1 General .................................................................................................................................................................................................... 30

8.2 Security ................................................................................................................................................................................................... 30

8.3 Validate and detect corruption ...................................................................................................................................................... 30

8.4 Ransomware protection ................................................................................................................................................................... 31

8.5 Error correction .................................................................................................................................................................................. 31

8.6 Monitoring, notifications and alerts ............................................................................................................................................. 31

8.7 Encryption ............................................................................................................................................................................................. 31

8.8 Permissions ........................................................................................................................................................................................... 32

8.9 Integrity of storage devices and media ....................................................................................................................................... 32

9 TSS compliance requirements and mitigating technical methods ...................................................................................................... 32

9.1 Migration of information between media .................................................................................................................................. 32

9.2 Technical obsolescence .................................................................................................................................................................... 33

9.3 Discovery requests ............................................................................................................................................................................. 33

9.4 Addressing ad-hoc deletion requests .......................................................................................................................................... 33

9.5 ESI degradation ................................................................................................................................................................................... 34

9.6 Malicious actions by employees or outside parties ................................................................................................................ 34

9.7 ESI store errors .................................................................................................................................................................................... 35

9.8 TSS hardware controls ...................................................................................................................................................................... 35

9.9 Accidental or premature deletion of ESI .................................................................................................................................... 35

Bibliography ............................................................................................................................................................................................................................. 36

DRAFT
© ISO 2021 – All rights reserved iii
SUBMISSION
---------------------- Page: 3 ----------------------
ISO/DIS 18759:2018(E)
iv © ISO 2018 – All rights reserved
---------------------- Page: 4 ----------------------
Contents

Foreword ................................................................................................................................................................................................................... v

Introduction ............................................................................................................................................................................................................. vi

1 Scope ...................................................................................................................................................................................................... 10

2 Normative references ....................................................................................................................................................................... 10

3 Terms and definitions ...................................................................................................................................................................... 10

4 TSS concepts and functional requirements .............................................................................................................................. 13

4.1 Overview ............................................................................................................................................................................. 13

4.2 TSS concepts ...................................................................................................................................................................... 14

4.2.1 General.................................................................................................................................................................. 14

4.2.2 Immutable ESI .................................................................................................................................................... 15

4.2.3 Changeable ESI .................................................................................................................................................. 15

4.3 ESI preservation ............................................................................................................................................................... 15

4.4 Immutable ESI preservation period .......................................................................................................................... 16

4.4.1 Overview .............................................................................................................................................................. 16

4.5 ESI deletion ........................................................................................................................................................................ 17

4.6 TSS functional requirements ....................................................................................................................................... 18

5 TSS ESI lifecycle management technical requirements ....................................................................................................... 20

5.1 General ................................................................................................................................................................................. 20

5.2 TSS ESI security, protection and hold restrictions requirements .................................................................. 22

5.2.1 General.................................................................................................................................................................. 22

5.2.2 TSS ESI security requirements ..................................................................................................................... 22

5.2.3 TSS ESI hold restriction requirements ...................................................................................................... 23

5.2.4 TSS ESI protection requirements ................................................................................................................ 27

5.2.5 TSS ESI deletion requirements .................................................................................................................... 28

5.3 Changeable ESI requirements ..................................................................................................................................... 28

5.4 TSS immutable ESI requirements .............................................................................................................................. 29

5.5 TSS retained ESI requirements ................................................................................................................................... 30

5.6 TSS expired-ESI requirements .................................................................................................................................... 31

5.7 Immutable ESI retention period ................................................................................................................................. 31

5.7.1 General.................................................................................................................................................................. 31

5.7.2 Immutable ESI retention period requirements ..................................................................................... 32

5.7.3 Immutable ESI permanent retention period .......................................................................................... 32

5.7.4 Immutable ESI fixed retention period ....................................................................................................... 32

5.7.5 Immutable ESI hybrid retention period ................................................................................................... 33

5.7.6 Immutable ESI indefinite retention period ............................................................................................. 34

6 TSS integration and management interfaces ........................................................................................................................... 35

7 TSS integrity, auditing, security requirements ....................................................................................................................... 36

7.1 Storage security ................................................................................................................................................................ 36

7.2 ESI encryption ................................................................................................................................................................... 36

7.3 Secure delete and erasure ............................................................................................................................................ 36

7.4 Immutable ESI integrity checks .................................................................................................................................. 36

7.5 Redundancy and replication ........................................................................................................................................ 37

7.6 Storage migration and upgrades ................................................................................................................................ 37

7.7 Auditability......................................................................................................................................................................... 37

7.7.1 General.................................................................................................................................................................. 37

7.7.2 TSS audit capabilities ...................................................................................................................................... 37

7.7.3 TSS audit trail ..................................................................................................................................................... 38

8 TSS technical methods for trusted storage ...................................................................................

...

TECHNICAL ISO/TS
SPECIFICATION 18759
First edition
Document management —
Trustworthy storage system
(TSS) — Functional and technical
requirements
Gestion des documents — Système de stockage fiable (TSS) —
Exigences fonctionnelles et techniques
PROOF/ÉPREUVE
Reference number
ISO/TS 18759:2022(E)
© ISO 2022
---------------------- Page: 1 ----------------------
ISO/TS 18759:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on

the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below

or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
PROOF/ÉPREUVE © ISO 2022 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/TS 18759:2022(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction .............................................................................................................................................................................................................................. vi

1 S c op e ................................................................................................................................................................................................................................. 1

2 Nor m at i ve r ef er enc e s ..................................................................................................................................................................................... 1

3 Terms and definitions .................................................................................................................................................................................... 1

4 T SS concepts and functional requirements ............................................................................................................................ 4

4 .1 O ver v iew ...................................................................................................................................................................................................... 4

4 . 2 T S S c onc ep t s ............................................................................................................................................................................................. 5

4.2.1 General ........................................................................................................................................................................................ 5

4.2.2 I mmutable ESI ................................... .................................................................................................................................... 5

4.2.3 C hangeable ESI ..................................................................................................................................................................... 5

4.3 E SI preservation .................................................................................................................................................................................... 6

4.4 I mmutable ESI preservation period .................................................................................................................................... 6

4 .4 .1 O ver v iew ................................................................................................................................................................................... 6

4 . 5 E S I dele t ion ................................................................................................................................................................................................ 7

4.6 T SS functional requirements ..................................................................................................................................................... 8

5 TSS ESI lifecycle management technical requirements ..........................................................................................10

5.1 G eneral ........................................................................................................................................................................................................ 10

5.2 T SS ESI security, protection and hold restrictions requirements ......................................................... 11

5.2.1 G eneral ..................................................................................................................................................................................... 11

5.2.2 TSS ESI security requirements ........................................................................................................................... 11

5.2.3 TSS ESI hold restriction requirements ........................................................................................................12

5.2.4 TSS ESI protection requirements .................................................................................................................... 15

5.2.5 TSS ESI deletion requirements ........................................................................................................................... 16

5.3 C hangeable ESI requirements ................................................................................................................................................ 16

5.4 T SS immutable ESI requirements ....................................................................................................................................... 17

5.5 T SS retained ESI requirements ........................................................................................................................................... .. 18

5.6 T SS expired-ESI requirements .............................................................................................................................................. 19

5.7 I mmutable ESI retention period .......................................................................................................................................... 19

5.7.1 General ..................................................................................................................................................................................... 19

5.7.2 Immutable ESI retention period requirements.................................................................................... 19

5.7.3 I mmutable ESI permanent retention period .......................................................................................... 20

5.7.4 Immutable ESI fixed retention period .......................................................................................................... 20

5.7.5 I mmutable ESI hybrid retention period ...................................................................................................... 21

5.7.6 I mmutable ESI indefinite retention period ..............................................................................................22

6 TSS integration and management interfaces .....................................................................................................................22

7 TSS integrity, auditing, security requirements ...............................................................................................................23

7.1 S torage security .................................................................................................................................................................................. 23

7.2 E SI encryption ...................................................................................................................................................................................... 23

7.3 S ecure delete and erasure .........................................................................................................................................................23

7.4 I mmutable ESI integrity checks ........................................................................................................................................... 24

7.5 R edundancy and replication ................................................................................................................................................... 24

7.6 S torage migration and upgrades ......................................................................................................................................... 24

7.7 A uditability ............................................................................................................................................................................................. 24

7.7.1 General ..................................................................................................................................................................................... 24

7.7.2 TSS audit capabilities ..................................................................................................................................................25

7.7.3 T SS audit trail ..................................................................................................................................................................... 25

8 T SS technical methods for trusted storage ..........................................................................................................................25

8.1 General ........................................................................................................................................................................................................ 25

8.2 S ecurity ...................................................................................................................................................................................................... 25

8.3 V alidate and detect corruption ............................................................................................................................................. 26

iii
© ISO 2022 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 3 ----------------------
ISO/TS 18759:2022(E)

8.4 Ransomware protection .............................................................................................................................................................26

8 . 5 E r r or c or r e c t ion ................................................................................................................................................................................. 26

8.6 M onitoring, notifications and alerts ................................................................................................................................ 26

8.7 Encryption ............................................................................................................................................................................................... 27

8 . 8 Per m i s s ion s ............................................................................................................................................................................................ 28

8.9 I ntegrity of storage devices and media .........................................................................................................................28

9 T SS requirements and mitigating technical methods ..............................................................................................28

9.1 M igration of information between media ...................................................................................................................28

9.2 T echnical obsolescence ................................................................................................................................................................28

9.3 D iscovery requests ..........................................................................................................................................................................29

9.4 A ddressing ad hoc deletion requests ...............................................................................................................................29

9.5 E SI degradation ................................................................................................................................................................................... 30

9.6 M alicious actions by employees or outside parties ............................................................................................30

9.7 E SI store errors ...................................................................................................................................................................................30

9.8 T SS hardware controls ................................................................................................................................................................. 30

9.9 A ccidental or premature deletion of ESI ....................................................................................................................... 31

Bibliography .............................................................................................................................................................................................................................32

PROOF/ÉPREUVE © ISO 2022 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/TS 18759:2022(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to

the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see

www.iso.org/iso/foreword.html.

This document was prepared by Technical Committee ISO/TC 171, Document management applications,

Subcommittee SC 2, Document file formats, EDMS systems and authenticity of information.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www.iso.org/members.html.
© ISO 2022 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 5 ----------------------
ISO/TS 18759:2022(E)
Introduction

The trustworthy storage system (TSS) provides a secure storage framework to preserve and

protect all types of electronically stored information (ESI) independent of the application and is not

intended to be limited to the use cases of content and records management applications. It provides

a unified tamper-resistant storage repository for the preservation and protection of ESI for various

environments. In a digital world where information is created, authored and captured electronically,

the TSS provides the vital security, protection and preservation of ESI against an ever-growing list of

evolving vulnerabilities including accidental and malicious acts, malware and ransomware as well as

operational and application errors.

Organizations designing and implementing information and content management systems

need guidance on how to select and implement a trustworthy storage system to safeguard the

trustworthiness, reliability, authenticity, integrity and immutability of ESI throughout its entire

lifecycle. A trusted system needs a TSS in order to maintain ESI trustworthiness ensuring chain of

custody, compliance with organizational mandates, legal and regulatory requirements and admissibility

standards, including enforcement of retention requirements and deletion-holds. The TSS also benefits

organizations that do not have a formal records programme or application, but need to protect, manage

and secure information important to their organization.

Readers are advised to use this document taking into account their local jurisdictions and applicable

liabilities, paying special attention to legal, regulatory and other organizational requirements,

obligations and expectations.
PROOF/ÉPREUVE © ISO 2022 – All rights reserved
---------------------- Page: 6 ----------------------
TECHNICAL SPECIFICATION ISO/TS 18759:2022(E)
Document management — Trustworthy storage system
(TSS) — Functional and technical requirements
1 S cope

This document specifies the functional, technology-neutral requirements for trustworthy storage

systems (TSS) that ensure storing and managing electronically stored information (ESI) in a protected

and secure fashion during the lifecycle of the information. The TSS as specified in this document is

storage technology neutral and accordingly does not specify any specific storage media types or

configurations.

This document is applicable to all information systems in which users and applications must manage

the protection, preservation and security of stored ESI throughout its entire lifecycle to meet

organizational and regulatory requirements to enforce:
— immutability, authenticity and trustworthiness of the stored ESI;

— protection of application managed ESI and other stored ESI against tampering, malicious acts and

ransomware;
— organizational ESI preservation and retention policies;
— protection for unstructured and unmanaged data.
2 Normat ive references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 12651-1, Electronic document management — Vocabulary — Part 1: Electronic document imaging

ISO 13008, Information and documentation — Digital records conversion and migration process

ISO 14641, Electronic document management — Design and operation of an information system for the

preservation of electronic documents — Specifications

ISO 15489-1, Information and documentation — Records management — Part 1: Concepts and principles

ISO/TR 15801, Document management — Electronically stored information — Recommendations for

trustworthiness and reliability

ISO 18829, Document management — Assessing ECM/EDRM implementations — Trustworthiness

ISO/TR 22957, Document management — Analysis, selection and implementation of enterprise content

management (ECM) systems
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 12651-1, ISO 14641,

ISO 15489-1 and the following apply.

ISO and IEC maintain terminology databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
© ISO 2022 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 7 ----------------------
ISO/TS 18759:2022(E)
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
trusted system

information technology system with the capability of managing electronically stored information (ESI)

(3.2) in a trustworthy manner

Note 1 to entry: A trusted system demonstrates authenticity, integrity and availability of ESI over time.

3.2
electronically stored information
ESI
information created, used, edited, modified and stored in digital form

Note 1 to entry: Electronically stored information (ESI) includes documents and records (unstructured and

structured data) created or managed by the organization in the course of business and requiring a computer or

other device for access.
3.2.1
changeable electronically stored information
changeable ESI
writeable ESI

electronically stored information (ESI) (3.2) stored on a trustworthy storage system (TSS) without

any write-once immutable protection, allowing all changes to electronically stored information (ESI)

(contents, size, properties, attributes and checksums)
3.2.2
immutable electronically stored information
immutable ESI

electronically stored information (ESI) on a trustworthy storage system (TSS) with write-once

immutable protection that permanently prevents changes to ESI (contents, size, properties, attributes

and checksums)
3.2.3
immutable ESI preservation period
immutable ESI retention period

period that defines the length of time for which an immutable ESI (electronically stored information)

(3.2.2) in a trustworthy storage system (TSS) is to be preserved, prohibiting its deletion

3.2.4
retained ESI

preservation state of an immutable ESI (electronically stored information) (3.2.2) in a trustworthy

storage system (TSS) that has been assigned a preservation target expiration date and time, which has

not lapsed and is therefore ineligible for deletion
3.2.5
expired ESI

preservation state of an immutable ESI (electronically stored information) (3.2.2) in a trustworthy

storage system (TSS) that has been assigned a preservation target expiration date and time, which has

lapsed and expired and is therefore eligible for deletion
3.2.6
preservation expiration date and time
retention expiration date and time

preservation date and time that the immutable ESI (electronically stored information) (3.2.2) be retained

and preserved at a minimum prohibiting deletion

Note 1 to entry: The immutable ESI (electronically stored information) minimum retention expiration date and

time may be increased but can never be reduced.
PROOF/ÉPREUVE © ISO 2022 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/TS 18759:2022(E)
3.2.7
preservation target expiration date and time

immutable ESI (electronically stored information) (3.2.2) in a trustworthy storage system (TSS) assigned

preservation target expiration date and time that is used by the TSS to determine eligibility for deletion

Note 1 to entry: The immutable ESI (3.2.2) is eligible for deletion any time after the assigned preservation target

expiration date and time has lapsed, provided that the immutable ESI (3.2.2) does not have a deletion hold (3.3).

The assigned preservation target expiration date and time can never be reduced.

Note 2 to entry: Alternatively, reference preservation target expiration date and time or retention period target

expiration date and time.
3.3
deletion-hold

trustworthy storage system (TSS) preventing the destruction of any specific electronically stored

information (ESI) within a TSS
3.4
access-hold

trustworthy storage system (TSS) preventing the access of any specific electronically stored

information (ESI) within a TSS
3.5
modification-hold

trustworthy storage system (TSS) preventing the modification of any specific changeable electronically

stored information within a TSS
3.6
application

system for collecting, saving, processing, and presenting data by means of a computer

[SOURCE: ISO/IEC/IEEE 24765:2017, 3.167, definition 1]
3.7
legal hold
litigation hold

operation that tags or otherwise cues special access management and destruction suspension for record

[electronically stored information (ESI)] entries deemed relevant, consistent with organization policy

under the legal doctrine of “duty to preserve”, also notifying records ESI owners and other designated

parties of the special data controls on access, retention, and destruction processes

Note 1 to entry: The Add Legal Hold Record ESI Lifecycle Event occurs when an agent causes the system to tag

or otherwise indicate special access management and suspension of ESI entry deletion or destruction, if deemed

relevant to a lawsuit or which are reasonably anticipated to be relevant to fulfil organizational policy under the

legal doctrine of “duty to preserve”.

[SOURCE: ISO/TS 21089:2018(en), 3.82, modified — added electronically stored information (ESI) to

the definition.]
3.8
ransomware

malicious software that infects computer systems, restricts access to the victim’s data and requires a

ransom
[SOURCE: ITU-T X.1215 (01/2019), 7.1]
© ISO 2022 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 9 ----------------------
ISO/TS 18759:2022(E)
4 T SS concepts and functional requirements
4.1 Overview

The trustworthy storage system (TSS) in conformity with the technical and functional requirements of

this document provides a storage environment capable of ensuring and maintaining the trustworthiness

and reliability of electronically stored information (ESI) throughout its lifecycle independent of the

application or the underlying storage technology. The primary purpose of a TSS is to protect and

preserve ESI in a manner that reliably ensures security, immutability, integrity and authenticity. The

TSS maintains and safeguards ESI against tampering and corruption in conformity with relevant

laws, regulations and business requirements as well as with international standards associated with

trustworthy storage environments (ISO/TR 15801, ISO/TR 22957, ISO 18829, ISO 14641, ISO 15489-1

and other related standards).

A TSS is the key component of any trusted environment that manages and maintains the trustworthiness

of ESI from creation to deletion. The TSS is designed to enforce provable immutability, integrity,

authenticity, retention, security, privacy, tamper-evident protection, enforcing destruction and access

holds. The TSS allows the deletion of TSS-stored ESI based on determining deletion eligibility.

Using a non-TSS platform leaves the ESI at risk since the integrity and viability of the entire lifecycle

of the ESI cannot be independently secured and protected with provable immutability. There are

fundamental limitations to the extent any individual component of a trusted environment can address

the requirements without employing the immutability protection and the deletion restrictions of a TSS.

Application-defined security controls are limited to the context of operations performed within the

internal components of the application. Modifications to application-managed ESI executed outside the

context of the application-defined security can jeopardize the trustworthiness of the entire solution.

In a non-TSS platform, any privileged user or privileged process may directly modify, encrypt or delete

application-managed ESI bypassing all the security provisions of the application-defined security.

Applications cannot prevent, prohibit, inhibit or detect any changes to application-managed ESI on non-

TSS storage.

For example, malicious users or malware can manipulate, corrupt or destroy the application-managed

ESI without the application’s knowledge by simply bypassing the application and modifying the

application-managed ESI on a non-TSS platform.

To compensate for the application-managed ESI security and protection, the operating system standard

access controls and permissions shall be used. Though deemed a necessity in the context of any trusted

environment, operating system enforced access controls and permissions are limited to enforcing

privileges without taking into consideration the status of the ESI and associated requirements of

a TSS. Without a TSS to protect and safeguard the trustworthiness of ESI, an authenticated process,

a privileged user, rogue administrator or anything executing in their context, whether ransomware,

malicious code, or any accidental act, can destroy, encrypt and modify any application-managed ESI.

In the age of ransomware, malicious and accidental acts, a TSS should be included when implementing

any trusted environment to ensure the trustworthiness of ESI and protection of its authenticity and

immutability against internal and external vulnerabilities and exploits that can compromise ESI in a

non-TSS or application-managed environment.

In many instances, an application can contain many different types of applications within it, or share

ESI with other applications and organizational entities, resulting in a c
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.