[Moims-rac] Authenticity

Helen Tibbo tibbo at email.unc.edu
Mon Sep 24 11:01:44 EDT 2007 

Dear WG members,

  Sorry I couldn't connect last week but I, too, have been looking at
definitions. Here's what I have so far:

 

Authenticity

 

"The quality of being authentic, or entitled to acceptance. As being
authoritative or duly

authorized, as being what it professes in origin or authorship, as being
genuine." (p. 1)

 

-InterPARES Glossary, 2001.
http://www.interpares.org/display_file.cfm?doc=ip1_glossary.pdf

 

 

Authenticity - the quality of being authentic - allows digital assets to be
reliably reused. An authentic

digital resource is one that is what it purports to be, is free from
corruption, and is intact in

all essential respects. Authenticity should be a consideration in all
digital preservation activities.

 

Maureen Pennock,  "Digital Preservation: Continued access to authentic
digital assets." 

DCC Briefing Paper ( 28 November 2006).
http://www.jisc.ac.uk/media/documents/publications/digital-pres-bp-v1-04-ab_
web.pdf

 

 

"The authenticity of a digital object refers to the degree of confidence a
user can have that the object is the same as that expected based on a prior
reference or that it is what it purports to be."

 

"Authenticity." PADI. Preserving Access to Digital Information. National
Library of Australia. http://www.nla.gov.au/padi/topics/4.html

 

"Authenticity: of a document, that is is the same as that which a user
expected based on a prior reference. (see also INTEGRITY)"

 

Working Definitions of Commonly Used Terms (for the purposes of the Cedars
Project) http://www.leeds.ac.uk/cedars/documents/PSW01.htm

 

"Underpinning authenticity and integrity and their preservation over time
are the concepts of fixity, stabilisation, trust, and the requirements of
custodians and users."

 

Seamus Ross, Integrity and Authenticity of Digital Cultural Heritage
Objects,  Digicult, p. 7.

 

 

Integrity

 

"Reliability and authenticity" of electronic records (p. 4)

 

The integrity of a record refers to its wholeness and soundness: a record
has integrity when it is

complete and uncorrupted in all its essential respects. This does not mean
that the record must

be precisely the same as it was when first created for its integrity to
exist and be demonstrated.

Even in the paper world, with the passage of time, records are subject to
deterioration, alteration

and/or loss. In the electronic world, the fragility of the media, the
obsolescence of technology, and

the idiosyncrasies of systems likewise affect the integrity of records. When
we refer to an

electronic record, we consider it essentially complete and uncorrupted if
the message that it is

meant to communicate in order to achieve its purpose is unaltered. This
implies that its physical

integrity, such as the proper number of bit strings, may be compromised,
provided that the

articulation of the content and any required elements of form remain the
same. (p. 20)

 

InterPARES Authenticity Task Force Final Report
http://www.interpares.org/display_file.cfm?doc=ip1_atf_report.pdf

 

"Integrity: of documents, to ensure that it is complete and unaltered from
the time of creation."

 

Working Definitions of Commonly Used Terms (for the purposes of the Cedars
Project) http://www.leeds.ac.uk/cedars/documents/PSW01.htm

 

Reliability

 

"Reliability refers to the authority and trustworthiness of the records as
evidence, the ability to stand for the facts they are about.. A record is
considered reliable when it can be treated as a fact in itself, that is, as
the entity of which it is evidence. For example, a reliable certificate of
citizenship can be treated as the fact that the person in question is a
citizen. 

 

Reliability is provided to a record by its form and procedure of creation.
The form of a record is the whole of its characteristics that can be
separated from the determination of the subjects, persons, or places the
record is about. A record is regarded as reliable when its form is complete,
that is, when it possesses all the elements that are required by the
socio-juridical system in which the record is created for it to be able to
generate consequences recognized by the system itself." (p. 6) 

 

 Luciana Duranti, "Integrity and Authenticity of Digital Cultural Heritage
Objects" Archivaria  39 (1995)

 

 

Dr. Helen R. Tibbo, Professor 
School of Information and Library Science 
201 Manning Hall 
University of North Carolina at Chapel Hill 
Chapel Hill, NC 27599-3360 
tibbo at ils.unc.edu 
Tel: 919.962.8063 
Fax: 919.962.8071 

From: moims-rac-bounces at mailman.ccsds.org
[mailto:moims-rac-bounces at mailman.ccsds.org] On Behalf Of Mark Conrad
Sent: Monday, September 24, 2007 10:48 AM
To: moims-rac at mailman.ccsds.org; D.L.Giaretta at rl.ac.uk
Subject: [Moims-rac] Authenticity

 

Hello!

 

As promised at last week's meeting, I have begun exploring what is meant by
the terms authentic and authenticity. Here is what I have found so far:

 

Use of the term "authentic" and "authenticity" in the TRAC document

 

B. Digital Object Management

 

. B6: The repository's ability to produce and disseminate accurate,
authentic versions of the digital
objects. (pg 21)

 

B6.10 Repository enables the dissemination of authentic copies of the
original or objects
traceable to originals.

 

Part of trusted archival management deals with the authenticity of the
objects that are disseminated. A
repository's users must be confident that they have an authentic copy of the
original object, or that it is
traceable in some auditable way to the original object. This distinction is
made because objects are not
always disseminated in the same way, or in the same groupings, as they are
deposited. A database may
have subsets of its rows, columns, and tables disseminated so that the
phrase "authentic copy" has little
meaning. Ingest and preservation actions may change the formats of files, or
may group and split the
original objects deposited.

 

The distinction between authentic copies and traceable objects can also be
important when transformation
processes are applied. For instance, a repository that stores digital audio
from radio broadcasts may
disseminate derived text that is constructed by automated voice recognition
from the digital audio stream.
Derived text may be imperfect but useful to many users, though these texts
are not authentic copies of the
original audio. Producing an authentic copy means either handing out the
original audio stream or getting
a human to verify and correct the transcript against the stored audio.

 

This requirement ensures that ingest, preservation, and transformation
actions do not lose information that
would support an auditable trail between the original deposited object and
the eventual disseminated
object. For compliance, the chain of authenticity need only reach as far
back as ingest, though some
communities, such as those dealing with legal records, may require chains of
authenticity that reach back
further.

 

A repository should be able to demonstrate the processes to construct the
DIP from the relevant AIP(s).
This is a key part of establishing that DIPs reflect the content of AIPs,
and hence of original material, in a
trustworthy and consistent fashion. DIPs may simply be a copy of AIPs, or
may result from a simple
format transformation of an AIP. But in other cases, they may be derived in
complex ways from a large
set of AIPs. A user may request a DIP consisting of the title pages from all
e-books published in a given
period, for instance, which will require these to be extracted from many
different AIPs. A repository that
allows requests for such complex DIPs will need to put more effort into
demonstrating how it meets this
requirement than a repository that only allows requests for DIPs that
correspond to an entire AIP.
A repository is not required to show that every DIP it provides can be
verified as authentic at a later date;
it must show that it can do this when it is required at the time of
production of the DIP. The level of
authentication is to be determined by the designated community(ies). This
requirement is meant to enable
high levels of authentication, not to impose it on all copies, since it may
be an expensive process.

 

Evidence: System design documents; work instructions (if DIPs involve manual
processing);
process walkthroughs; production of a sample authenticated copy;
documentation of community
requirements for authentication.
(pp 41-42)

 

C1.6 Repository reports to its administration all incidents of data
corruption or loss, and
steps taken to repair/replace corrupt or lost data.

 

Having effective mechanisms to detect bit corruption and loss within a
repository system is critical, but is
only one important part of a larger process. As a whole, the repository must
record, report, and repair as
possible all violations of data integrity. This means the system should be
able to notify system
administrators of any logged problems. These incidents, recovery actions,
and their results must be
reported to administrators and should be available.

 

For example, the repository should document procedures to take when loss or
corruption is detected,
including standards for measuring the success of recoveries. Any actions
taken to repair objects as part of
these procedures must be recorded. The nature of this recording must be
documented by the repository,
and the information must be retrievable when required. This documentation
plays a critical role in the
measurement of the authenticity and integrity of the data held by the
repository.

 

Evidence: Preservation metadata (e.g., PDI) records; comparison of error
logs to reports to
administration; escalation procedures related to data loss.
(pg 45)

 

Use of the term "authenticate" in the TRAC document

 

B1.3 Repository has mechanisms to authenticate the source of all materials.

 

The repository's written standard operating procedures and actual practices
must ensure the digital objects
are obtained from the expected source, that the appropriate provenance has
been maintained, and that the
objects are the expected objects. Confirmation can use various means
including, but not limited to, digital
processing and data verification and validation, and through exchange of
appropriate instrument of
ownership (e.g., submission agreements/deposit agreement/deed of gift).

 

Evidence: Submission agreements/deposit agreements/deeds of gift; workflow
documents; evidence of
appropriate technological measures; logs from procedures and
authentications.

 


Use of the term "authentic" and "authenticity" in the OAIS Reference Model
(Blue Book, January 2002)

 

The term "authentic" is not used in this document.

 

The term "authenticity" is used twice in this document.

 

2 OAIS CONCEPTS
The term 'archive' has come to be used to refer to a wide variety of storage
and preservation
functions and systems. Traditional archives are understood as facilities or
organizations
which preserve records, originally generated by or for a government
organization, institution,
or corporation, for access by public or private communities. The archive
accomplishes this
task by taking ownership of the records, ensuring that they are
understandable to the
accessing community, and managing them so as to preserve their information
content and
authenticity. Historically, these records have been in such forms as books,
papers, maps,
photographs, and film, which can be read directly by humans, or read with
the aid of simple
optical magnification and scanning aids. The major focus for preserving this
information has
been to ensure that they are on media with long-term stability and that
access to this media is
carefully controlled.
(pg 2-1)

 

Table 4-1: Examples of PDI Types
(pg 4-29)

 


The TRAC document uses the term "authenticate" in two different ways:

 

1. To authenticate a user of the archive (i.e., to verify the credentials
and authorizations of a person attempting to use the repository).

 

2. To verify the authenticty of an object in the repository.

 


Neither document offers a definition of authentic or authenticity. 

 

 

 

Based on its usage in the TRAC document one could deduce:

 

Authenticity and integrity are separate concepts.

 

An object may be traceable to an original without being an authentic copy of
the original.

 

An authentic copy of a digital object is one that has not lost any of the
information (the message) conveyed by the original.

 

One must maintain the chain of custody (referred to in the TRAC document as
the "chain of authenticity") of the original object to be able to produce
authentic copies of that original or objects traceable to that original..

 


 

 

Mark Conrad
Electronic Records Archives (ERA)
NHER 
The National Archives and Records Administration
Building 494 Second Floor
310 State Route 956
Rocket Center, WV  26726

 

Phone: 304-726-7355
Fax: 304-726-7361
Email: mark.conrad at nara.gov 
ERA Website: http://www.archives.gov/era/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ccsds.org/pipermail/moims-rac/attachments/20070924/92abbfb5/attachment-0001.html

More information about the Moims-rac mailing list