Advertisement

Applying the SERENITY Methodology to the Domain of Trusted Electronic Archiving

  • Jan Porekar
  • Tomaž Klobučar
  • Svetlana šaljič
  • Dušan Gabrijelčič
Chapter
Part of the Advances in Information Security book series (ADIS, volume 45)

Abstract

We present the application of the SERENITY methodology to the domain of long-term trusted electronic archiving, sometimes also referred to as trusted digital notary services. We address the SERENITY approach from thepoint of view of a company providing security solutions in the mentioned domain and adopt the role of a solution developer. In this chapter we show a complete vertical slice through the trusted archiving domain providing: (i) the relevant S&D properties, (ii) the S&D classes and S&D patterns on both organizational and technical level, (iii) describe how S&D patterns are integrated into a trusted longterm archiving service using the SERENITY Run-Time Framework (SRF). At the end of the chapter we put in perspective what a solution developer can learn from the process of capturing security knowledge according to SERENITY methodology and we discuss how existing implementations of archiving services can benefit from SERENITY approach in the future.

Keywords

Trust Third Party Cryptographic Algorithm Digital Document Serenity Technology Electronic Archive 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    European Commission, IDABC Programme (2008) Model Requirements for the Management of Electronic Records - MoReq2 Specification, CECA-CEE-CEEAGoogle Scholar
  2. 2.
    Consultative committee for Space Data Systems (CCSDS) (2003) Reference Model for an Open Archival Information System (OAIS), Recommendation for space data system standardsGoogle Scholar
  3. 3.
    Adams C, Sylvester P, Zolotarev M, and Zuccherato R (2001) Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols, RFC 3029Google Scholar
  4. 4.
    Wallace C, Pordesch U, Brandner R (2007) Long-Term Archive Service Requirements, Network Working Group, IETF RFC 4810Google Scholar
  5. 5.
    Adams C, Cain P, Pinkas D, Zuccherato R (2001) Internet X.509 Public Key Infrastructure - Time-Stamp Protocol (TSP), RFC 3161Google Scholar
  6. 6.
    Gondrom T, Brandner R, Pordesch U (2007) Evidence Record Syntax (ERS), RFC 4998Google Scholar
  7. 7.
    Jerman-Blažič A, Šaljič S, Gondrom T (2008) Extensible Markup Language Evidence Record Syntax (XML2ERS), draft-ietf-ltans-xmlers-02 (work in progress)Google Scholar
  8. 8.
    Kunz T, Okunick S, Pordesch U (2008) Data Structure for Security Suitabilities of Cryptographic Algorithms (DSSC), Long-term Archive And Notary Services (LTANS), IETF Internet DraftGoogle Scholar
  9. 9.
    Jerman-Blažič A, Džonova-Jerman B, Klobučar T (2007) Long-term trusted preservation service using service interaction protocol and evidence records, Amsterdam: Elsevier Science Publishers. Computer Standards & Interfaces, Volume 28, Issue 3, pp. 398-412Google Scholar
  10. 10.
    Jerman Blažič A et al (2008) Long-term Archive Protocol (LTAP), IETF, draftGoogle Scholar
  11. 11.
    Jerman Blažič A, Sylvester P (2005) Provision of Long-Term Archiving Service for Digitally Signed Documents Using an Archive Interaction Protocol, Berlin, Springer - Public Key Infrastructure: pp. 240-254Google Scholar
  12. 12.
    e-Keeper, Security Technology Competence Centre (SETCCE), http://www.setcce.si/eng/index42d.php, Accessed 27 November 2008
  13. 13.
    Archisoft, Fraunhofer Institute for Secure Information Technology (SIT), http://www.sit.fraunhofer.de/EN/forschungsbereich/tad/archisoft.jsp, Accessed 28. October 2008

Copyright information

© Springer-Verlag US 2009

Authors and Affiliations

  • Jan Porekar
    • 1
  • Tomaž Klobučar
    • 2
  • Svetlana šaljič
    • 3
  • Dušan Gabrijelčič
    • 4
  1. 1.SETCCETehnološki ParkSlovenia
  2. 2.SETCCE and IJSTehnološki ParkSlovenia
  3. 3.SETCCETehnološki ParkSlovenia
  4. 4.Laboratory for Open Systems and NetworksJozef Stefan InstituteJamovaSlovenia

Personalised recommendations