|| Preservation Procedure Policy: Integrity
| Related Guidance Policy
| Definition/ Description
|| Integrity checking covers approaches like encryption, digital signatures, fixity checks etc.
See also the explanation in the section Bit preservation: Integrity measures
|| One of the main goals of digital preservation is that the preserved digital objects, once stored in the repository, are not changed without intent.
|| If the organization does not explain the measures it will take to avoid unnoticed loss, is might not achieve its goals. The risks can occur in many stages of the digital life cycle. A digital archive needs to describe a set of approaches it intends to implement in order to avoid the risks. The measures to take are very related to the operational IT tasks and are often already part of their work, but the preservation policy needs to make explicit that these measures will contribute to the authenticity of the digital objects
Relevant areas are:
- Ingest: The completeness of the digital object will need to be defined before ingest and could be part of the discussion with the content deliverer or producer. At ingest the received checksums can be compared with the checksums generated upon retrieval. This will show whether bits were lost during transportation. This measure should be implemented for all data movements, including when the data is moved inside the repository.
- Storage: moving data from one place to another needs to be accompanied by measures to check before and after the move whether the digital object is still complete and undamaged. This also applies to back up copies.
- Authentication measures to safeguard that personnel cannot make changes to the data stored or (unintentionally) delete (part of) digital objects.
| Life cycle stage
|| Preservation Planning Ingest, Preservation Action, Receive, Storage
|| Management: should decide on overall measures to maintain integrity
Operational management: should implement the measures
Producers: will contribute by supporting integrity measures (for example to send checksums with the digital object)
| Cross Reference
|| Bit preservation,
Functional Preservation [migration]
|| Parliamentary Records: “The record must be maintained to ensure that it is complete, and protected against unauthorised or accidental alteration. In this Policy, integrity is ensured through the bitstream preservation function […], and through the provision of metadata to describe all authorised actions undertaken in the course of content and bitstream preservation.”
| Control Policy
|| Possible control policies might be:
- All preservation events must be recorded
- Information on preservation events SHOULD use the PREMIS schema
- Information on preservation event MUST include date undertaken, action and agent
- The file checksum algorithm MUST be <name of algorithm>
- File checksum algorithm SHOULD be run on ingest
- Filechecksum-recalculation date <= today – 2 years
- Ingest checksum SHOULD be the same as recalculated checksum
| Questions to foster discussions
- Does your organisation negotiate with the producer or deliverer of the digital material for checksums to be delivered with the digital material in order to be able to compare checksums once the material has been delivered?
- Is your organisation willing to accept the delivery of digital material without a checksum?
- Will your repository create their own checksum on receiving digital objects?
- Does your repository have procedures implemented to regularly check the checksums?
- Does your repository have procedures to handle checksums in preservation actions?