Post on 12-Jan-2016
description
OAIS Based Certification
David GiarettaERPANET WORKSHOP
Antwerpen April 2004
Outline
• Discussion of Open Archival Information Systems (OAIS) Reference Model
• Certification under OAIS – what would it mean?
• Examples
OAIS Reference Model
• Start with Reference Model to– Define terminology– Provide framework for discussions ISO 14721:2002
• Background information: http://ssdoo.gsfc.nasa.gov/nost/isoas/
• Complete standard can be downloaded from http://ssdoo.gsfc.nasa.gov/nost/isoas/wwwclassic/documents/pdf/CCSDS-650.0-B-1.pdf
• Introduction to OAIS http://www.dpconline.org/graphics/reports/index.html#intoais
OAIS Information Definition
Information is defined as any type of knowledge that can be exchanged, and this information is always expressed (i.e., represented) by some type of data
In general, it can be said that “Data interpreted using its Representation Information yields Information”
In order for this Information Object to be successfully preserved, it is critical for an archive to clearly identify and understand the Data Object and its associated Representation Information
DataObject
InterpretedUsing its
RepresentationInformation
Yields
InformationObject
Information
Representation Net
Recursion stops when the Representation Information is understandable by
Knowledge Base of the
Designated Community
Information Packaging
ArchivalInformation
Package (AIP)
ContentInformation
PreservationDescriptionInformation
(PDI)e.g., • Hardcopy document
• Document as an electronic file together with its format description • Scientific data set consisting of images and text in three electronic files together with format descriptions
e.g., • How the Content Information came into being, who has held it, how it relates to other information, and how its integrity is assured
OAIS Archival Information Package
PackagingInformation
PackageDescriptor
further described by
delimited byderived from
e.g., How to find Content information and PDI onsome medium
e.g., Informationsupporting customersearches for AIP
AIP detailed view
SIP = Submission Information PackageAIP = Archival Information PackageDIP = Dissemination Information Package
4-1
.2
MANAGEMENT
Ingest
Data Management
SIP
AIPDIP
queries
result setsAccess
PRODUCER
CONSUMER
Descriptive Info
AIP
orders
Descriptive Info
Archival Storage
Administration
Preservation Planning
OAIS Functional Model
Functional Entities In An OAIS Ingest: This entity provides the services and functions to accept Submission
Information Packages (SIPs) from Producers and prepare the contents for storage and management within the archive
Archival Storage: This entity provides the services and functions for the storage, maintenance and retrieval of Archival Information Packages
Data Management: This entity provides the services and functions for populating, maintaining, and accessing both descriptive information which identifies and documents archive holdings and internal archive administrative data.
Administration: This entity manages the overall operation of the archive system
Preservation Planning: This entity monitors the environment of the OAIS and provides recommendations to ensure that the information stored in the OAIS remain accessible to the Designated User Community over the long term even if the original computing environment becomes obsolete.
Access: This entity supports consumers in determining the existence, description, location and availability of information stored in the OAIS and allowing consumers to request and receive information products
OAIS Responsibilities
• Negotiates and accepts Information Packages from information producers
• Obtains sufficient control to ensure long-term preservation• Determines which communities (designated) need to be able
to understand the preserved information• Ensures the information to be preserved is independently
understandable to the Designated Communities• Follows documented policies and procedures which ensure
the information is preserved against all reasonable contingencies
• Makes the preserved information available to the Designated Communities in forms understandable to those communities
Some Related Work• Lots of Copies Keep Stuff Safe (LOCKSS) http://lockss.stanford.edu/
– LOCKSS provides tools which use local, library controlled computers to safeguard reader’s long-term access to web based journals.
• IEEE Storage System Standards Working Group. Reference Model for Open Storage Systems Interconnection.Mass Storage System Reference Model Version 5. New York: IEEE, September 1994. http://www.ssswg.org/public_documents.html
• BSi 7799/ISO 17799 (http://www.iso17799-made-easy.com/ )– ISO/IEC 17799:2000 (Part 1) is the standard code of practice and can be
regarded as a comprehensive catalogue of good security things to do.– BS7799-2:2002 (Part 2) is a standard specification for an Information Security
Management Systems (ISMS). An ISMS is the means by which Senior Management monitor and control their security, minimising the residual business risk and ensuring that security continues to fulfil corporate, customer and legal requirements.
• Research Library Group (RLG – http://www.rlg.org)– RLG is a not-for-profit membership corporation of over 160 universities, national
libraries, archives, historical societies, and other institutions with remarkable collections for research and learning. Rooted in collaborative work that addresses members' shared goals for these collections, RLG develops and operates information resources used by members and nonmembers around the world.
• Online Computer Library Centre (OCLC – http://www.oclc.org)– OCLC exists to further access to the world’s information and reduce library costs
by offering services for libraries and their users.• Preserving Access to Digital Information (PADI - http://www.nla.gov.au/padi/ )
Trusted Digital Repositories
• Joint work by RLG and OCLC• “A trusted digital repository is one whose mission is to provide reliable,
long-term access to managed digital resources to its designated community, now and in the future.”
• Final report – TDR Attributes and Properties http://www.rlg.org/longterm/repositories.pdf
• Recommendation 1: Develop a framework and process to support the certification of digital repositories. – A certification framework and certification process for digital
repositories are crucial and their absence has been an impediment to assigning trust. Model processes, including checklists for certification reviews, should be developed incorporating the community approved attributes of trusted digital repositories, the work of the ISO Archiving Series, and other relevant projects.
Certification Task Force
• http://www.rlg.org/longterm/certification.html
• to produce certification requirements for establishing and selecting reliable digital information repositories.
• part of ongoing work with the OAIS model, and to go into the standardization process through the International Organization of Standardization (ISO) Archiving Series.
RLG - Task Force on Digital Repositories Certification
• Methodology and Goals
– Review literature
– Review existing certification efforts
– Consult with existing domain bodies
– Identify certifiable elements
– Create standard certification process
– Develop certification plan (see charter)
– Define revocation conditions/process
Remit
• Review recent literature and consult with appropriate organizations regarding standards, criteria, and mechanisms for certification.
• Review and address applicability of existing certification options to digital repositories; address concepts of self-certification, objective (third-party) certification, and domain-specific requirements.
• Identify a list of certifiable elements (attributes, processes, functions, activities) of a digital repository or types of repositories.
• Create a standard certification process or a framework that can be implemented across domains or types of digital repositories.
• Develop a certification plan: – identify certifying body or bodies; – identify timetable for execution and adherence; – identify frequency or cycle of certification; – create technical models; – if possible, create economic models for sustainability of independent
certifying program/body; and – create implementation scenarios.
• Define the conditions for revocation of certification and suggest appropriate action plans for endangered digital information.
Standardisation route
• RLG feeds Certification document into CCSDS
• CCSDS feeds into ISO
Possible Certification Process/Stages
• Self-certification – check list
• Peer-group (maybe mostly applicable to Libraries)
• Independent Certification
• Analogous to ISO9000, BUT with an explicit, testable guarantee of quality
BS7799 Accreditation
Digital Curation Centre (DCC)
• Consortium of Edinburgh, Glasgow, Bath and CCLRC
• £3M over 3 years with further funding expected for following 2-3 years
• Aim to be self-funding in the longer term
Long term funding of DCC
• Services
• Advice
• Certification e.g.
– Commercial repositories
– Commercial tools
– …
– ….
Certification and the CCLRC Atlas Petabyte Store (APS)
• Is the APS an OAIS or is it an Archival Storage component of an OAIS?
• Does this depend on the dataset you are talking about?
APS
BADC
Science centre
SOHO
CMS
……
SIP = Submission Information PackageAIP = Archival Information PackageDIP = Dissemination Information Package
4-1
.2
MANAGEMENT
Ingest
Data Management
SIP
AIPDIP
queries
result setsAccess
PRODUCER
CONSUMER
Descriptive Info
AIP
orders
Descriptive Info
Archival Storage
Administration
Preservation Planning
OAIS Functional Model
APS as an OAIS or TDR
• Who is the Designated Community?
– Could be “entities that can understand the bit-stream which is preserved”
APS as component of an OAIS
• Could provide the Archival Storage component of an OAIS
• The OAIS would consist of the combination of APS plus e.g. the front-end science centre
Archival Storage Functions
Preservation Planning
• In this case the Preservation Planning would be divided between the science centre and the APS
• Designated Community
– the science users
– Monitored by Science Centre
• Storage Technology
– Planning by APS management
Conclusions
• OAIS Reference Model is the basis of long-term Information Preservation
• Work is proceeding on Certification process – and this should become an ISO standard
• Bodies such as the DCC and partners could form basis for the Accreditation process