Henry M. Gladney
Abstract
In ancient times, wax seals impressed with signet rings were affixed to documents as evidence of their authenticity. A digital counterpart is a message authentication code fixed firmly to each important document. If a digital object is sealed together with its own audit trail, each user can examine this evidence to decide whether to trust the content---no matter how distant this user is in time, space, and social affiliation from the document's source.We propose an architecture and design that accomplish this: encapsulation of digital object content with metadata describing its origins, cryptographic sealing, webs of trust for public keys rooted in a forest of respected institutions, and a certain way of managing information identifiers. These means will satisfy emerging needs in civilian and military record management, including medical patient records, regulatory records for aircraft and pharmaceuticals, business records for financial audit, legislative and legal briefs, and scholarly works.This is true for any kind of digital object, independent of its purposes and of most data type and representation details, and provides every kind of user---information authors and editors, librarians and collection managers, and information consumers---with autonomy for implied tasks. Our prototype will conform to applicable standards, will be interoperable over most computing bases, and will be compatible with existing digital library software.The proposed architecture integrates software that is mostly available and widely accepted.
References
- Arms, W. Y. 1995. Key Concepts in the Architecture of the Digital Library. D-Lib Magazine (July).]]Google Scholar
- Beagrie, N., Bellinger, M., Dale, R., Doerr, M., Hedstrom, M., Jones, M., Kenney, A., Lupovici, C., Russell, K., Webb, C., and Woodyard, D. 2002. Trusted Digital Repositories: Attributes and Responsibilities, RLG-OCLC Report, http://www.rlg.org/longterm/repositories.pdf.]]Google Scholar
- Bearman, D. and Sochats, K. 1996. Metadata Requirements for Evidence. http://www.archimuse.com/papers/nhprc/BACartic.html. http://www.archimuse.com/papers/nhprc/meta96.html.]]Google Scholar
- Bearman, D. and Trant, J. 1998. Authenticity of Digital Resources: Towards a Statement of Requirements in the Research Process. D-Lib Magazine (June).]]Google Scholar
- Beit-Arie, O., Blake, M., Caplan, P., Flecker, D., Ingoldsby, T., Lannom, L. W., Mischo, W. H., Pentz, E., Rogers, S., and Van de Sompel, H. 2001. Linking to the Appropriate Copy: Report of a DOI-Based Prototype. D-Lib Magazine 7, 9.]]Google Scholar
- Berners-Lee, T., Fielding, R., and Masinter, L. 1998. Uniform Resource Identifiers (URI): Generic Syntax. IETF RFC 2396.]] Google Scholar
- Caronni, G. 2000. Walking the WWW of trust. In Proceedings of the 9th Workshop on Enabling Technologies. IEEE Computer Society Press.]] Google Scholar
- CCSDS 650.0-R-2. 2001. Reference Model for an Open Archival Information System (OAIS). http://www.ccsds.org/RP9905/RP9905.html.]]Google Scholar
- Cooper, B., Crespo, A., and Garcia-Molina, H. 2000. Implementing a reliable digital object archive, and modeling archival repositories. In Proceedings of the 4th European Conference on Digital Libraries.]] Google Scholar
- Conway, P. 1996. Preservation in the Digital World. CLIR Report pub92.]] Google Scholar
- CNRI (Corporation for National Research Initiatives). 2001. Handle System: A general-purpose global name service enabling secure name resolution over the internet. http://www.handle.net/.]]Google Scholar
- CLIR (Council on Library and Information Resources and the Library of Congress). 2002. The State of Digital Preservation: An International Perspective. pub107.]]Google Scholar
- Cullen, C. T. 2000. Authentication of digital objects: Lessons from a Historian's Research. In Authenticity in a Digital Environment. CLIR Report pub92.]]Google Scholar
- FDA 21 CFR Part 11. 1997. Electronic Records: Electronic Signatures. Federal Register 62, 54, 13430, http://www.21cfr11.com/files/library/government/21cfrpart11_final_rule.pdf.]]Google Scholar
- Doyle, M. 1997. Citing and Linking in Electronic Scholarly Publishing: A Pragmatic Approach. http://ridge.aps.org/DOYLE/sweden/talk/sweden.html.]]Google Scholar
- Duranti, L. 1998. Diplomatics: New Uses for An Old Science. Scarecrow Press, Lanham, Md.]]Google Scholar
- Eastlake, D. E. and Niles, K. 2002. Secure XML: The New Syntax for Signatures and Encryption. Addison Wesley.]] Google Scholar
- Ebersole, J. L. 1994. Protecting Intellectual Property Rights on the Information Superhighways, Information Industry Association report.]]Google Scholar
- Ellison, C. and Schneier, B. 2000. Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure. Comp. Sec. J. 16, 1, 1--7.]]Google Scholar
- Feghhi, J. and Williams, P. 1998. Digital Certificates: Applied Internet Security. Addison-Wesley, Reading, MA.]] Google Scholar
- Garrett, J. and WAters, D., eds. 1995. Preserving Digital Information: Report of the Task Force on Archiving of Digital Information, commissioned by The Commission on Preservation and Access and The Research Libraries Group.]]Google Scholar
- Gerck, E. 2000. Overview of Certification Systems: X.509, PKIX, CA, PGP, SKIP, http://www.mcg.org.br/certover.pdf.]]Google Scholar
- Gladney, H. M. 1993. A Storage Subsystem for Image and Records Management. IBM Syst. J. 32, 3, 512--540.]] Google Scholar
- Gladney, H. M. 1998. Safeguarding Digital Library Contents and Users: A Note on Universal Unique Identifiers. D-Lib Magazine (April).]]Google Scholar
- Gladney, H. M. and Cantu, A., Jr. 2001. Authorization Management for Digital Libraries. Comm. ACM 44, 5, 63--65.]] Google Scholar
- Gladney, H. M. and Bennett, J. L. 2003a. What do We Mean by Authentic? What's the Real McCoy?. D-Lib Magazine 9, 7/8 (July).]]Google Scholar
- Gladney, H. M. and Lorie, R. 2003b. Trustworthy 100-Year Digital Objects: Durable Encoding for When it's too Late to Ask, preprint available on request.]]Google Scholar
- Gladney, H. M. 2003c. Trustworthy 100-Year Digital Objects: Syntax and Semantics---Tension between Facts and Values, preprint available on request (December).]]Google Scholar
- Grandison, T. and Sloman, M. 2000. A Survey of Trust in Internet Applications. IEEE Comm. Surveys & Tutorials (4th Quarter).]] Google Scholar
- Green, B. and Bide, M. 1997. Unique Identifiers: a brief introduction. http://www.bic.org.uk/uniquid.]]Google Scholar
- Herzberg, A. 2002. Securing XML: Ensuring confidentiality, authentication, authorization, and more. Dr. Dobb's Journal (March), 56--62.]] Google Scholar
- Hill, K. 1999. A Perspective. The Role of Identifiers in Managing and Protecting Intellectual Property in the Digital Age. Proc. IEEE 87, 7, 12--28.]]Google Scholar
- Hunter, J. 2001. MetaNet---A Metadata Term Thesaurus to Enable Semantic Interoperability Between Metadata Domains. J. Dig. Info. 1, 8.]]Google Scholar
- IBM, DB2 Data Links Manager v.8.1, 2003.http://www-3.ibm.com/software/data/db2/datalinks/.]]Google Scholar
- Illing, R. 1980. The Art of Japanese Prints. Calmann & Cooper, London, p. 170.]]Google Scholar
- Kahn, R. and Wilensky, R. 1995. A Framework for Distributed Digital Object Services (May 1995). http://www.cnri.reston.va.us/cstr/arch/k-w.html.]]Google Scholar
- Lee, K.-H., Slattery, O., Lu, R., Tang, X., and McCrary, V. 2002. The state of the Art and Practice in Digital Preservation. J. Res. Natl. Inst. Stand. Technol. 107, 93--106.]]Google Scholar
- Lampson, B., Abadi, M., Burrows, M., and Wobber, E. 1992. Authentication in Distributed Systems: Theory and Practice. ACM Trans. Computer Sys. 10, 4, 265--310.]] Google Scholar
- LC (Library of Congress). 2003. Preserving Our Digital Heritage: Plan for the National Digital Information Infrastructure and Preservation Program. http://www.digitalpreservation.gov/repor/ndiipp_plan.pdf.]]Google Scholar
- Lupovici, C. and Masanès, J. 2000. Metadata for the Long Term Preservation of Electronic Publications. NedLib Report Series 2.]]Google Scholar
- Lynch, C. 1997. Identifiers and Their Role in Networked Information Applications. ARL: A Bimonthly Newsletter of Research Library Issues and Actions 194.]]Google Scholar
- Lynch, C. 2000. Authenticity and Integrity in the Digital Environment: An Exploratory Analysis of the Central Role of Trust, in Authenticity in the Digital Environment. CLIR Report pub92; ISBN 1-887334-77-7.]]Google Scholar
- MacNeil, H. 2000. Providing Grounds for Trust: Developing Conceptual Requirements for the Long-Term Preservation of Authentic Electronic Records. Archivaria 50 (Autumn), 53--76.]]Google Scholar
- Marcum, D. B. 2003. Research Questions for the Digital Era Library. Library Trends 51, 4, 636--651.]]Google Scholar
- Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A. 1997. Handbook of Applied Cryptography. CRC Press, New York.]] Google Scholar
- METS (Metadata Encoding and Transmission Standard). 2002. http://www.loc.gov/standards/mets/.]]Google Scholar
- Miller, E., Swick, R., and Brickley, D. 2001. Resource Description Framework (RDF), http://www.w3.org/RDF/.]]Google Scholar
- Moore, R., Baru, C., Rajasekar, A., Ludaescher, B., Marciano, R., Wan, M., Schroeder, W., and Gupta, A. 2000. Collection-Based Persistent Digital Archives---Part 1. D-Lib Magazine 6, 3. Part 2 D-lib Magzine 6, 4.]]Google Scholar
- NRC (National Research Council). 2000. LC21: A Digital Strategy for the Library of Congress. National Academy Press (Especially Ch., Preserving a Digital Heritage.)]]Google Scholar
- Nelson, M., Maly, K., Zubair, M., and Shen, S. N. T. 1999. SODA: Smart Objects, Dumb Archives. ECDL99, Lecture Notes in Computer Science. Springer Verlag.]] Google Scholar
- NLNZ (National Library of New Zealand). 2002. Metadata Standards Framework---Preservation Metadata, http://www.natlib.govt.nz/files/4initiatives_metaschema.pdf.]]Google Scholar
- Okerson, A., Bennett, S., Conway, P., Gewirtz, D., Martz, F., Parker, K., and Szary, R. 2002. YEA: The Yale Electronic Archive, One Year of Progress: Report on the Digital Preservation Planning Project, http://www.library.yale.edu/∼okerson/yea/.]]Google Scholar
- Paskin, N. 2003. The DOI Handbook Version 3.1, http://www.doi.org/hb.html.]]Google Scholar
- Payette, S. and Lagoze, C. 2000. Policy-Carrying, Policy-Enforcing Digital Objects. 4th European Conference on Research and Advanced Technology for Digital Libraries. Portugal, Springer Verlag.]] Google Scholar
- Reich, V. and Rosenthal, D. S. H. 2001. LOCKSS: A Permanent WWW Publishing and Access System. D-Lib Magazine 7, 6.]]Google Scholar
- Rust, G. and Bide, M. 2000. The metadata framework: Principles, model and data dictionary, http://www.indecs.org/pdf/framework.pdf.]]Google Scholar
- Sandhu, R. S. 1998. Role-based Access Control. Advances in Computers 46, 237--286.]]Google Scholar
- Schneier, B. 1996. Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley & Sons, New York, NY,]] Google Scholar
- Smith, M. Barton, M., Boss, M., Branschofsky, M., McClellan, G., Stuve, D., Transley, R., and Walker, J. H. 2003. DSpace: An Open Source Dynamic Digital Repository. D-Lib Magazine 9, 1.]]Google Scholar
- SMPTE. 2000. Recommended Best Practice, Application of Unique Material Identifiers in Production and Broadcast Environments at www.smpte.org, RP 205.]]Google Scholar
- Sollins, K. and Masinter, L. 1994. Functional Requirements for Uniform Resource Names. IETF RFC 1737.]] Google Scholar
- Thorsteinson, P. and Ganesh, G. 2003. NET Security and Cryptography. Prentice Hall, ISBN: 0-131-00851-X.]] Google Scholar
- Walsh, N. 2001. A URN Namespace for Public Identifiers. IETF RFC 3151.]] Google Scholar
Index Terms
Trustworthy 100-year digital objects: Evidence after every witness is dead
Comments