ASME Y14.42:2002 pdf free download

ASME Y14.42:2002 pdf free download.DIGITAL APPROVAL SYSTEMS.
2.3.2 Non-Repudiation. The digital approval system shall provide the necessary integrity and ability to authenticate the signature(s) such that the signature(s) cannot be repudiated. When documents are transported to another system(s). the integrity of the document. including its contents, approval indicators, approval indicator attributes, and document attributes, shall be maintained.
2.3.3 AuthorIty. The system shall have a verifiable authority to create and duitribute approval indicators. A unique aLathori?ation identity is issued to each approver.
2.3.4 ProtectIng Approval Indicator Information. Protection and control of approval indicator information. and the media or device in which it is contained, shall be a key ingredient of the system’s security.
2.3.4.1 ActIve Documents. Approval indicator thformation shall be maintained current. accessible, and fully functional as long as the document to which it is applied is considered active. This aho applies when media or device systems protocols migrate (i.e., as systems update or change).
2.3.4.2 Inactive Documents. Approval indicator information that has been applied to documents no longer active should be fully accessible. Migration of active media or device systems should retain the capability to recognize and validate approval indicator informatiuri applied to archived documents, This may be achieved through either continuous protocol updates to archived documents or “backward conipatible” capabilities of migrated active media oc device systems.
2.33 User Authentication With Passwords. For the purposes of this Standard, when a password system is used, the user shall control the password.
2.3.5.1 Password Over a Network. When a password is communicated over a network, the password shall be encrypted or physical appliances used, or both. to prevent unauthorized interception.
2.3.5.2 Password Criteria. Systems using passwords shall establish criteria that will ensure security of the system and its data. The following factors should be considered:
(a) the range of values from which each character of the password may be chosen;
(b) the total number of characters that make up the password;
(C) password duration for specific time intervals;
(d) limitations on use of previous passwords; and
(e) storage of passwords for use in the authentication process.
2.3.5.3 Password Generation.The password gener-ation system has a major impact on the security of thatsystem. Wwhen passwords are automatically generated,care shall be taken for secure distribution to users. Usersshall have the ability to change passwords themselves,or have a means of requesting a new password.
2.4 Revisions
Revisions to drawings and associated documentsrequire appropriate approvals and approval indicators.However, approwals applied to initial issues and previ-ous revisions shall remain in effect. Revisions are pre-pared in accordance with ASME Y14.35M.