Skip to topic | Skip to bottom
ADAPT - A Digital Approach to Preservation Technology

Main
  • ADAPT Project

  • Components

  • Wiki

Create personal sidebar
Main.ACEOverviewr1.11 - 21 Jul 2008 - 20:57 - MikeSmorultopic end
Start of topic | Skip to actions

ACE: Audit Control Environment

Backgroud

One of the most challenging problems facing digital archives is how to ensure the authenticity of their holdings over the long term (tens or hundreds of years). Unless the authenticity of an archive can be assured, it would be almost impossible to use the archive’s holdings to support any significant endeavor. Digital information is in general quite fragile, especially over time.

Errors can be introduced because of hardware and media degradation, hardware and software malfunction, operational errors, security breaches, and malicious alterations, to name a few of the obvious ones. Other potential sources of errors, which are particularly relevant for long term archives, include major hardware and software systems changes due to technology evolution, and the possibility of major natural hazards and disasters such as fires, floods, and hurricanes.

Two additional factors complicate this problem further. First, an object will typically be subjected to a number of transformations during its lifetime, including those migrative transformations due to format obsolescence. These transformations may alter the object in unintended ways. Second, most current integrity checking mechanisms are based on some type of cryptographic techniques, most of which are likely to become less immune to potential attacks over time and hence they will need to be replaced by stronger techniques.

Our Approach

ACE (Auditing Control Environment) is a prototype system that incorporates a new methodology to address the integrity of long term archives using rigorous cryptographic techniques.ACE continuously audits the contents of the various objects according to the policy set by the archive, and provides mechanisms for an independent third-party auditor to certify the integrity of any object.

Our approach will allow an independent auditor to verify the integrity of every version of an archived digital object as well as link the current version to the original form of the object when it was ingested into the archive. Also, ACE is very cost effective and scalable while making no assumptions about the archive architecture.

Specifically, ACE is based on creating a small-size integrity token for each digital object upon its deposit into the archive (or upon registration of the object of an existing archive), to be stored either with the object itself or in a registry at the archive as authenticity metadata. Cryptographic summary information that depends on all the objects registered during a dynamic time period is stored and managed separately. The summary information is very compact and is size independent of the number or sizes of the objects ingested. Regular audits will be continuously conducted, which will make use of the integrity tokens and the summary integrity information to ensure the integrity of both the objects and the integrity information. In our prototype, audits can also be triggered by an archive manager or by a user upon data access.

Links

Old

-- SangChulSong - 24 Jan 2007
to top

End of topic
Skip to action links | Back to top

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.11 | > | r1.10 | > | r1.9 | Total page history | Backlinks
You are here: Main > IntegrityAuditingSystem > ACEOverview

to top

Copyright © 1999-2008 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.