Techniques to audit and certify the long-term integrity of digital archives

S Song, J JaJa - International Journal on Digital Libraries, 2009 - Springer
S Song, J JaJa
International Journal on Digital Libraries, 2009Springer
A fundamental requirement for a digital archive is to set up mechanisms that will ensure the
authenticity of its holdings in the long term. In this article, we develop a new methodology to
address the long-term integrity of digital archives using rigorous cryptographic techniques.
Our approach involves the generation of a small-size integrity token for each object, some
cryptographic summary information, and a framework that enables cost-effective regular and
periodic auditing of the archive's holdings depending on the policy set by the archive. Our …
Abstract
A fundamental requirement for a digital archive is to set up mechanisms that will ensure the authenticity of its holdings in the long term. In this article, we develop a new methodology to address the long-term integrity of digital archives using rigorous cryptographic techniques. Our approach involves the generation of a small-size integrity token for each object, some cryptographic summary information, and a framework that enables cost-effective regular and periodic auditing of the archive’s holdings depending on the policy set by the archive. Our scheme is very general, architecture and platform independent, and can detect with high probability any alteration to an object, including malicious alterations introduced by the archive or by an external intruder. The scheme can be shown to be mathematically correct as long as a small amount of cryptographic information, in the order of 100 KB/year, can be kept intact. Using this approach, a prototype system called ACE (Auditing Control Environment) has been built and tested in an operational large scale archiving environment.
Springer
Showing the best result for this search. See all results