skip navigation
ERPAePRINTS  logo: erpanet skip navigation

   

Trustworthy 100-Year Digital Objects: Evidence Even After Every Witness is Dead

Gladney, H.M. (2003) Trustworthy 100-Year Digital Objects: Evidence Even After Every Witness is Dead.

Full text available as:
PDF - Requires Adobe Acrobat Reader or other PDF viewer.

Abstract

How can a publisher store digital information so that any reader can reliably test its authenticity,
even years later when no witness can vouch for its validity? What is the simplest security
infrastructure sufficient to protect and later test evidence of authenticity?

In ancient times, wax seals impressed with signet rings were affixed to documents as evidence of
their authenticity. A digital counterpart is a message authentication code fixed firmly to each
important document. If a digital object is sealed together with its own audit trail, each user can
examine this evidence to decide whether to trust the content—no matter how distant this user is
in time, space, and social affiliation from the document’s source.

We suggest technical means for accomplishing this: encapsulation of the document content with
metadata describing its origins, cryptographic sealing, webs of trust for public keys rooted in a
forest of respected institutions, and a certain way of managing document identifiers. These
means will satisfy emerging needs in civilian and military record management, including medical
patient records, regulatory records for aircraft and pharmaceuticals, business records for
financial audit, legislative and legal briefs, and scholarly works.

This is true for any kind of document, independently of its purposes and of most data type and
representation details, and provides each user with autonomy for most of what he does.
Producers can prepare works for preservation without permission from or synchronization with
any authority or service agent. Librarians can add metadata without communicating with
document originators or repository managers. Consumers can test authenticity without Internet
delays, apart from those for fetching cryptographic certificates.

Our method accomplishes much of what is sought under labels such as “trusted digital
repositories”, and does so more flexibly and economically than any method yet proposed. It
requires at most easy extensions of available content management software, and is therefore
compatible with what most digital repositories have installed and are using today.

EPrint Type:Preprint
Keywords:Preservation authenticity trust evidence digital certificates
Subjects:B Digital Preservation Concerns: BC Authenticity and Integrity
C Strategies and Procedures: CC Encapsulation
Document Language:English
ID Code:8
Deposited By:Gladney, Dr. H.M.
Deposited On:26 August 2003

Commentary/Response Threads