Guidance on Versioning of Digital Assets

Versioning of data and metadata is a crucial - but often overlooked - topic in scientific work. Using the wrong version of a (meta)data set can lead to drastically difference outcomes in interpretation, and lead to substantial, propagating downstream errors. At the same time, past versions of (meta)data sets are valuable records of the research process which should be preserved for transparency and complete reproducibility. Further, the final version of (meta)data sets may actually include errors that previous versions did not. Thus, careful version control is the foundation for trust in and broad reusability of research and operational (meta)data. This document provides an introduction to the principles of versioning, technical recommendations on how to manage version histories, and discusses some pitfalls and possible solutions. In the first part of this document, we present examples of change processes that require proper management and introduce popular versioning schemes. Finally, the document presents recommended practices for researchers as well as for infrastructure developers

Online Layered File System (OLFS): A Layered and Versioned Filesystem and Performance Analysis

We present a novel form of intra-volume directory layering with hierarchical, inheritance-like namespace unification. While each layer of an OLFS volume constitutes a subvolume that can be mounted separately in a fan-in configuration, the entire hierarchy is always accessible (online) and fully navigable through any mounted layer. OLFS uses a relational database to store its layering metadata and either a relational database or any (virtual) host file system as its backing store, along with metadata and block caching for improved performance. Because OLFS runs as a virtual file system in user-space, its capabilities are available to all existing software without modification or special privileges. We have developed a reference implementation of OLFS for FUSE based on MySQL and XFS, and conducted performance benchmarking against XFS by itself. We explore several applications of OLFS, such as enhanced server synchronization, transactional file operations, and versioning

Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey

Ensuring confidentiality of sensitive data is of paramount importance, since data leakage may not only endanger dataowners’ privacy, but also ruin reputation of businesses as well as violate various regulations like HIPPA andSarbanes-Oxley Act. To provide confidentiality guarantee, the data should be protected when they are preserved inthe personal computing devices (i.e.,confidentiality duringtheirlifetime); and also, they should be rendered irrecoverableafter they are removed from the devices (i.e.,confidentiality after their lifetime). Encryption and secure deletion are usedto ensure data confidentiality during and after their lifetime, respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of thedata in personal computing devices, including both encryption and secure deletion. Especially for encryption, wemainly focus on the novel plausibly deniable encryption (PDE), which can ensure data confidentiality against both acoercive (i.e., the attacker can coerce the data owner for the decryption key) and a non-coercive attacker

Building regulatory compliant storage systems

In the past decade, informational records have become entirely digital. These include financial statements, health care records, student records, private consumer information and other sensitive data. Because of the delicate nature of the data these records contain, Congress and the courts have begun to recognize the importance of properly storing and securing electronic records. Examples of legislation in-clude the Health Insurance Portability and Accountabilit

Multi-user publishing in the Web : DReSS, a Document Repository Service Station

Many WWW servers contain information written by several authors. These authors either need an account on the server machine, and special permissions to create information in the server space, or else the Webmaster needs to put the information in that space or allow the server to point to the author's own space. We present DReSS, a system to enable authors to deposit (and update) documents on a WWW server, using standard WWW features only. Authors do not need login permission on the server machine, ftp upload access, or even electronic mail. As the documents live in the WWW server space there is no need for the server to be able to access documents outside its space. Thus, our system will work on even the most securely shielded servers (running in a chroot environment). DReSS consists of a set of CGI-scripts and two small auxiliary programs running on the client machine. It can be used with any (HTML-2.0-capable) WWW browser, and with any WWW server. DReSS does not use special features ..