Information Technology Reference
In-Depth Information
altered in an undocumented manner. An example is a Cyclical Redundancy Check
(CRC) code for a file .
This information provides the Data Integrity checks or Validation/Verification
keys used to ensure that the particular Content Information object has not been
altered in an undocumented manner. Fixity Information includes special encod-
ing and error detection schemes that are specific to instances of Content Objects.
Fixity Information does not include the integrity preserving mechanisms provided
by the OAIS underlying services, error protection supplied by the media and device
drivers used by Archival Storage. The Fixity Information may specify minimum
quality of service requirements for these mechanisms .
Fixity is relevant within the repository or in the transfer phase, but cannot be
itself the guarantee for long-term integrity, because of the problem of obsolescence.
There are a large number of object digest/hash/checksum algorithms, such as CRC-
32, MD5, RIPEMD-160, SHA and HAVAL, some of which are, at the moment,
secure in the sense that it is almost impossible for changes in the digital object
to fail to be detected - at least as long as the original digest itself is kept secure.
However in the future processing power, of individual processors and of collections
of processors, will increase and algorithms may become “crackable”. Warning of the
vulnerability of any particular type of digest algorithm would be another function
of the Orchestration manager (detailed in Sect. 17.5 ).
Since Fixity is concerned with whether or not the bit sequences of the digital
object have been changed, having nothing to do with the meaning of those bits, it
is reasonable to say that the way in which we create or check Fixity Information is
independent of the discipline from which the information comes.
In a broad sense the tools for fixity used by the repositories (and by the creator of
the Digital Object) have to be documented. More precisely the Fixity Information
will be encoded in some way as a digital object and that digital object must have its
own Representation Information which allows one to understand and use it. It will
also have Provenance associated with it. This is another example of recursion.
The CASPAR Key Store concept - which could be simply be a Registry-type
entity - could provide additional security for the digests. It may be possible to use
one object digest as an identifier to be sent to the Key Store which returns the other
digest which can be used to confirm the fixity of the object.
More sophisticated techniques have been proposed using a publicly available
digests of digests [ 131 ].
10.3 Reference Information
OAIS defines Reference Information as the information which:
identifies, and if necessary describes, one or more mechanisms used to
provide assigned identifiers for the Content Information. It also provides
those identifiers that allow outside systems to refer, unambiguously, to this
Search WWH ::




Custom Search