1.0 .10 (20112013-0902-2104)
The webinar situated the Fixity Audit service in the context of a comprehensive program for pro-active preservation management, such as is provided by the Merritt repository. Merritt currently provides robust solutions for persistent identification and storage, fixity, replication, and access. UC3 staff are actively working on additional user-facing services for content characterization and enhanced discovery and delivery, which will be provided by integration with the CDL Publishing Group’s open source XTF platform (http://www.cdlib.org/services/publishing/tools/xtf/). UC3 staff are also moving ahead with plans for transformation and annotation services. All of these activities will be the focus of future webinars.
The webinar presented information on version 2 of the Fixity Audit service, which is was then under active development. (All content currently in Merritt is was subject to fixity verification using an earlier version of the service. Version 2 builds built upon the experience we have gained through this process.)
The Fixity Audit service is intended to provide a high level of confidence in the authenticity of managed digital resources. In other words, it is concerned with verifying the a given unit of digital content conforms to a known, and trusted, state. This is an important consideration in view of the multitudinous threats and risks that digital content is subject to, including media degradation, software or hardware failure, natural disasters, and inadvertent or malicious human behavior.
One of the key assumptions behind the design of the Fixity Audit service is that the content that may be subject to periodic fixity verification may be managed in a variety of services and systems, including, but not limited to, Merritt. So an important design decision was to represent the unit of verification (what we refer to as the “item”) by a URL, which can point to an arbitrary web-accessible location. (The service also accepts “file” scheme URLs that reference content on a physically-attached file system.) Each item is associated with a known size and message digest value. Supported digest types include: Adler-32, CRC-32, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512,. (UC3 recommends the use of SHA-256, which provides a reasonable balance between computational efficiency and cryptographic security.)