Our technologies

The InterDeposit service has chosen to comply with several standards recognized in terms of its technical base but also the trusted providers it uses.

Compliance and protection of your data

The platform complies with the General Safety Regulations (RGS).

This repository sets, according to the level of security required, the rules that must respect certain functions contributing to the security of the information, among which the electronic signature, the authentication, the confidentiality or the timestamp. The rules formulated in the RGS are imposed and are modulated according to the level of security chosen by the administrative authority in the context of securing the online services for which it is responsible.

Compliance with the RGS includes in particular:

  • management of confidentiality and integrity of keys;
  • compliance of authentication mechanisms;
  • conformity of generation mechanisms (random generator) and key size.

Our compliance policy leads us to respect several standards.

Timestamps

The timestamp ensures, beyond the date and time of the document, the existence of the document on that date.

The third ticket machine used when sealing the archives is:

  • in accordance with the RGS;
  • certified according to the European standard ETSI TS 102 023.

The Siaf approval

A procedure framed by the approval of the Interministerial Service of the Archives of France (SIAF), which controls all the guarantees that providers must provide, especially for the preservation of electronic archives. It is necessary for the processing of public archives.

NF Z42-013 standard on electronic archiving

The InterDeposit platform uses third-party archivers who have the most demanding approvals and certifications on the market. These repositories serve to guarantee the availability, integrity, confidentiality, traceability and durability of the data stored.

The NF Z42-013 standard sets out a set of Afnor specifications concerning the technical and organizational measures to be implemented for the recording, storage and return of electronic documents under conditions that guarantee their integrity.

Accreditation health data

The procedure for approving the hosts of personal health data is specified by the decree of 4 January 2006. The authorization is issued by the Minister of Health, after a reasoned opinion of an accreditation committee and the Cnil, for a period of three years. It is essential to host health data.

The third-party archiver also complies with other international standards and standards (including MoReq2).

Confidentiality and security of your data

To ensure the confidentiality of exchanges and archives, InterDeposit uses a wide range of cryptographic techniques.

These techniques involve the use of symmetric, asymmetric encryption algorithms and hashing / fingerprinting functions (examples: RSA asymmetric encryption algorithm, AES 256 symmetric encryption algorithm, and SHA 256 and 512 hashing algorithm).

The cryptographic means are used at each stage of the life cycle of the archives (creation, payment, restitution and destruction).

The use of cryptographic mechanisms differs according to the type of distribution.

The InterDeposit application is regularly audited by agencies accredited by Anssi and ensures a rigorous and state-of-the-art key management policy.