Article thumbnail

Trustworthy 100-Year Digital Objects: Evidence Even After Every Witness is Dead

By H.M. Gladney


How can a publisher store digital information so that any reader can reliably test its authenticity, even years later when no witness can vouch for its validity? What is the simplest security infrastructure sufficient to protect and later test evidence of authenticity? In ancient times, wax seals impressed with signet rings were affixed to documents as evidence of their authenticity. A digital counterpart is a message authentication code fixed firmly to each important document. If a digital object is sealed together with its own audit trail, each user can examine this evidence to decide whether to trust the content—no matter how distant this user is in time, space, and social affiliation from the document’s source. We suggest technical means for accomplishing this: encapsulation of the document content with metadata describing its origins, cryptographic sealing, webs of trust for public keys rooted in a forest of respected institutions, and a certain way of managing document identifiers. These means will satisfy emerging needs in civilian and military record management, including medical patient records, regulatory records for aircraft and pharmaceuticals, business records for financial audit, legislative and legal briefs, and scholarly works. This is true for any kind of document, independently of its purposes and of most data type and representation details, and provides each user with autonomy for most of what he does. Producers can prepare works for preservation without permission from or synchronization with any authority or service agent. Librarians can add metadata without communicating with document originators or repository managers. Consumers can test authenticity without Internet delays, apart from those for fetching cryptographic certificates. Our method accomplishes much of what is sought under labels such as “trusted digital repositories”, and does so more flexibly and economically than any method yet proposed. It requires at most easy extensions of available content management software, and is therefore compatible with what most digital repositories have installed and are using today.

Topics: BC Authenticity and Integrity, CC Encapsulation
Year: 2003
DOI identifier: 10.1145/1010614.1010617
OAI identifier:
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)

  • To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.

    Suggested articles


    1. (1995). A Framework for Distributed Digital Object Services, doi
    2. (1999). A Perspective: The Role of Identifiers doi
    3. (1993). A Storage Subsystem for Image and Records Management, doi
    4. (2001). A URN Namespace for Public Identifiers,
    5. (1997). and S.A.Vanstone, Handbook of Applied Cryptography, doi
    6. (1996). Applied Cryptography: Protocols, Algorithms, and Source Code in C, doi
    7. (1992). Authentication in Distributed Systems: Theory and Practice, doi
    8. (2000). Authentication of Digital Objects: Lessons from a Historian's Research ,
    9. (2000). Authentication of Digital Objects: Lessons from a Historian's Research,
    10. (2000). Authenticity and Integrity in the Digital Environment: An Exploratory Analysis of the Central Role of Trust,
    11. (1998). Authenticity of Digital Resources: Towards a Statement of Requirements in the Research Process, D-Lib Magazine, doi
    12. (2001). Authorization Management for Digital Libraries, doi
    13. (1997). CFR Part 11, Electronic Records; Electronic Signatures, doi
    14. (1997). Citing and Linking in Electronic Scholarly Publishing: A Pragmatic Approach, doi
    15. (2000). Collection-Based Persistent Digital Archives - Part 1, D-Lib doi
    16. (2000). Committee on an Information Technology Strategy for the Library of Congress,
    17. (2002). Digital Experts Search for E-Archive Permanence: Summary of the Forum in
    18. (1998). Diplomatics: new uses for an old science,
    19. (2003). DSpace: An Open Source Dynamic Digital Repository, doi
    20. (1994). Functional Requirements for Uniform Resource Names,
    21. (2001). Greenstone: doi
    22. (1997). Identifiers and Their Role in Networked Information Applications, ARL: doi
    23. (2000). Implementing a Reliable Digital Object Archive, and also Arturo Crespo and Hector Garcia-Molina, Modeling Archival Repositories (Extended Version), both doi
    24. (2000). Intelligent Wrapping of Information Sources: Getting Ready for the Electronic Market,
    25. (1996). Item Level Control and Electronic Recordkeeping, Conf. Society of American Archivists, doi
    26. (2001). Linking to the Appropriate Copy: Report of a DOI-Based Prototype, D-Lib Magazine 7(9), doi
    27. (2001). LOCKSS: A Permanent Web Publishing and Access System, D-Lib Magazine, doi
    28. (2001). Metadata Encoding and Transmission Standard (METS), doi
    29. (2000). Metadata for the Long Term Preservation of Electronic Publications,
    30. (1996). Metadata Requirements for Evidence,
    31. (2001). MetaNet - A Metadata Term Thesaurus to Enable Semantic Interoperability Between Metadata Domains,
    32. (1997). Nada Kpidzic Cicovic, and David Chadwick, Trust Models in ICE-TEL, doi
    33. (1999). Notes Toward a Universal Preservation Format,
    34. (2003). On Making and Identifying a "Copy", D-Lib Magazine 9(1), doi
    35. (2000). Overview of Certification Systems:
    36. (2000). Policy-Carrying, Policy-Enforcing Digital Objects, doi
    37. (1996). Preservation doi
    38. (2003). Preservation Metadata: doi
    39. (2002). Producer-Archive Interface Methodology Abstract Standard doi
    40. (2002). Producer-Archive Interface Methodology Abstract Standard, doi
    41. (2000). Providing Grounds for Trust: Developing Conceptual Requirements for the Long-Term Preservation of Authentic Electronic Records,
    42. (2001). Reference Model for an Open Archival Information System (OAIS), doi
    43. (1999). Registration Procedures for URL Scheme Names,
    44. (1999). Reliable and Trustworthy: The Challenge of Cyber-Infrastructure Protection at the Edge of the Millennium, iMP: The Magazine on Information Impacts,
    45. (2001). Research Initiatives, Handle System: A general-purpose global name service enabling secure name resolution over the Internet,
    46. (2001). Resource Description Framework (RDF),
    47. (1998). Role-based Access Control, doi
    48. (1998). Safeguarding Digital library Contents and Users: A Note on Universal Unique Identifiers, D-Lib Magazine, doi
    49. (2002). Securing XML: Ensuring confidentiality, authentication, authorization, and more,
    50. (2000). SMPTE Recommended Best Practice, Application of Unique Material Identifiers in Production and Broadcast Environments at,
    51. (2000). Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure, doi
    52. (1980). The Art of Japanese Prints, Calmann
    53. (2001). The Digital Object Identifier System, doi
    54. (2001). The KeyNote Trust Management System, doi
    55. (2000). The metadata framework: Principles, model and data dictionary,
    56. (1999). The Promise and Threat of Digital Options in an Archival Age,
    57. (2001). The XNS Public Trust Organization, Requirements of a Global Identity Management Service,
    58. (2002). Trusted Digital Repositories: Attributes and Responsibilities,
    59. (1997). Trusted Systems, doi
    60. (2001). Trusting Records in a Post-Modern World, doi
    61. Trustworthy 100-Year Digital Documents: Durable Encoding for When It's Too Late to Ask, to be available 2Q03. doi
    62. Trustworthy 100-Year Digital Documents: End User Interfaces, planned for 4Q03.
    63. Trustworthy 100-Year Digital Documents: Executive Summary of a Digital Preservation Proposal, to be available 2Q03.
    64. (2003). Trustworthy 100-Year Digital Documents: How Might Evolving Economics Affect Digital Archive Design, planned for
    65. (2002). Trustworthy 100-Year Digital Documents: Preservation Requirements and Architecture, a living specification, first draft in
    66. (2003). Trustworthy 100-Year Digital Documents: Syntax and Semantics—Tension between Facts and Values, planned for
    67. (2003). Trustworthy 100-Year Digital Documents: What's Authentic? Essential and Accidental in Documents, planned for
    68. (1998). Uniform Resource Identifiers (URI): Generic Syntax,
    69. (1997). Unique Identifiers: a brief introduction.,
    70. (1994). Universal Resource I dentifiers in WWW: A Unifying Syntax for the Expression of Names and Addresses of Objects on the Network as used in the World-Wide Web ,
    71. (1994). Universal Resource Identifiers in WWW: A Unifying Syntax for the Expression of Names and Addresses of Objects on the Network as used in the World-Wide Web,
    72. (2000). Walking the Web of Trust, doi
    73. (2003). What Do We Mean By Authentic? What’s the Real McCoy?, submitted to D-Lib Magazine, doi
    74. (2001). When Documents Deceive: Trust and Provenance as New Factors for Information Retrieval in a Tangled Web , doi
    75. (2001). When Documents Deceive: Trust and Provenance as New Factors for Information Retrieval in a Tangled Web, doi
    76. (2003). Why Archive Audio Metadata ,
    77. (2003). Why Archive Audio Metadata,
    78. (2000). with original illustrations by John Tenniel and introduction and notes by Martin Gardner, The annotated Alice: Alice's adventures doi
    79. (2002). YEA: The Yale Electronic Archive, One Year of Progress: Report on the Digital Preservation Planning Project,