Abstract | A large portion of the government, business, cultural, andscientific digital data being created today needs to be archived
and preserved for future use of periods ranging from a few years
to decades and sometimes centuries. A fundamental requirement
of a long term archive is to ensure the integrity of its holdings. In
this paper, we develop a new methodology to address the integrity
of long term archives using rigorous cryptographic techniques.
Our approach involves the generation of a small-size integrity
token for each digital object to be archived, and some
cryptographic summary information based on all the objects
handled within a dynamic time period. We present a framework
that enables the continuous auditing of the holdings of the archive
depending on the policy set by the archive. Moreover, an
independent auditor will be able to verify the integrity of every
version of an archived digital object as well as link the current
version to the original form of the object when it was ingested
into the archive. We built a - prototype system that is completely
independent of the archive’s underlying architecture, and tested it
on large scale data. We include in this paper some preliminary
results on the validation and performance of our prototype.
|