Techniques to Audit and Certify the Long Term Integrity of Digital Archives
Abstract
A large portion of the government, business, cultural, and scientific
digital data being created today needs to be archived and preserved
for future use of periods ranging from a few years to decades and
sometimes centuries. A fundamental requirement for a long term archive
is to set up mechanisms that will ensure the authenticity of the
holdings of the archive. In this paper, we develop a new methodology
to address the integrity of long term archives using rigorous
cryptographic techniques. Our approach involves the generation of a
small-size integrity token for each digital object to be archived, and
some cryptographic summary information based on all the objects
handled within a dynamic time period. We present a framework that
enables the continuous auditing of the holdings of the archive, as
well as auditing upon access, depending on the policy set by the
archive. Moreover, an independent auditor will be able to verify the
integrity of every version of an archived digital object as well as
link the current version to the original form of the object when it
was ingested into the archive. Using this approach, a prototype system
called ACE (Auditing Control Environment) has been built and tested.
ACE is scalable and cost effective, and is completely independent of
the archive's underlying architecture.