| Non-repudiation protects individuals against later claims by an author of not having authored a particular document, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document. Non-repudiation services can be used to determine if information originated from an individual, or if an individual took specific actions (e.g., sending an email, signing a contract, approving a procurement request) or received specific information. Non-repudiation services are obtained by employing various techniques or mechanisms (e.g., digital signatures, digital message receipts).
When it comes to data review and data release, there must be a correlation between the data that is reviewed and the person who performs the review.
The application server is not designed to produce or release information. This requirement relates to applications that are designed to output data and therefore would not employ notions of chain of custody.
|
