Technical Appraisal

Methods of Electronic Records Technical Appraisal

Background

Due to the characteristic of electronic records of which carriers and contents can be separated, and digital contents are easy to be repudiated and fabricated on purposes. Besides, the higher odds of digital signature, encryption and hashing codes generation algorithms being deciphered, the faster of computation along with the latest computers. Therefore, the first priority issue of applying electronic records is how to preserve the integrity and authenticity of electronic records in the complete life cycles. 

Compared with traditional printed archives, users are able to view original textual contents with bare eyes. But they cannot read any electronic records without assistant equipment and software. It is necessary for viewing electronic records along with specific configuration. The other difficulty of application of electronic records is that we have to face the obsoleteness of hardware and software. When related equipment has been aging that means the accessibility of electronic records will be probably affected. 

The Purpose of Electronic Records Technical Appraisal

The purpose of electronic records technical appraisal is to validate the authenticity and integrity of preserved electronic records, including effectiveness of physical carriers, such as the proportion of electronic carriers damage. According to a usual technical the appraisal to generate these statistics of electronic records preservation, which includes categories of file formats, types of media, robustness of encryption, necessity of immediate migration, plans of feasible migrations and estimation of consecutive migration costs for decision makers’ references.

Scope of Electronic Records Technical Appraisal

The National Archives Administration has completed all official documents digitalization at our institution since March 2000 (the date of launching the National Archives Preparatory Office), which included electronic records embedded with digital signatures and scanned printed documents. The National Archives Administration had a pilot study for boosting intention of accepting online approval procedures. This feasibility study was accompanied with our Electronic Official Documents and Records Management System implementation, all electronic documents approved by online flow engine that were encapsulated by digital signatures. The formats of encapsulation had been modified 3 times that became the consistent standard format in related regulation. The latest version of digital content encapsulation has not been used until January 1st, 2008. The scope of this technical appraisal is as following table:

Type of Contents

Version of Encapsulations

Range of Documents Produced

Number of Official Document Item

  Online Approval

 Version 1

 2004/Aug-2005/Mar

      219

 Online Approval

 Version 2

 2005/Mar-2006/Apr

      200

 Online Approval

 Version 3

 2006/Apr-2007/Dec

   2,527

 Scanned Printed Documents Images

 Version 1

 2004/Aug-2007/Dec

 37,087

Evaluation Indicators and Validation Methods of Electronic Records Technical Appraisal

Indicator 1 Authenticity and Integrity of Electronic Records
Descriptions:

1. When records managers checked in electronic records and encapsulated storage media, they had validated the authenticity and integrity of digital contents of the electronic records. That means encapsulation must not be performed unless specific software tools confirmed the integrity of these electronic records.
2. Technical appraisal only validate the authenticity and integrity of the electronic records by inspecting the contents, including metadata, whether has been repudiated, damaged and counterfeited by some reasons.

Validation Methods:

1. Inspection of digital signatures of encapsulated stored media files.
2. Extract all details of official documents and of which corresponding hashing values from encapsulated stored media files.
3. Recomputed all of values of each digital envelope and hashing values to make sure the encapsulation without any repudiation and falsification.
4. Compare these original hash values of details of external files in the digital envelope.
5. Recount all hash values of external files to compare with their original hash values in encapsulations respectively.

Indicator 2 Effectiveness of Stored Media
Descriptions:


The execution unit of electronic records technical appraisal is stored medium. Completely inspected the contents of the stored medium, that means the digital contents of the stored medium of which digital signatures, hash values and external files were not destroyed, repudiated and fabricated.

Validation Methods:

1. Extract the details of stored media from electronic records encapsulation and backup logs.
2. Using batch inspecting and the mechanism of the automatic switching compact disks via juboxes.
3. Manual switching compact disks if without automatic switching mechanism.

Indicator 3 Types of Electronic Records
Descriptions:

1. Count the amount of stored media by types.
2. Using the outcome of technical appraisal for updating new media, replacing obsolete media, possible costs and evaluating necessity of migration.

Validation Methods:

1. Compile data about current stored media from electronic media encapsulation, backup, update, deposition logs.
2. Provide statistic reports about above.

Indicator 4 Types of Electronic File Formats
Descriptions:

1. Consecutively new textual, audio, video formats appear to substitute old ones.
2. Even a specific file format could develop different versions, of which compatibilities are not always straightforward.
3. When a new format or a new version invents, we should perform technical appraisal immediately.

Validation Methods:

1. Obtain the retention year of each case of official documents, and the types of electronic files when performing technical appraisal.
2. According to schedule year, do statistics of the amount of electronic records, types of electronic records, files formats and versions.

Indicator 5. Security Robustness of Digital Envelope
Descriptions:

1. Each copy of encrypted digital content with an independent encrypt key that will be kept into a digital envelope created by Government Certificate Authority along with corresponding algorithms.
2. Regularly evaluate the robustness of digital envelope.

Validation Methods:

1. Obtain the retention year, public key length of digital envelope of each official document when doing technical appraisal.
2. Compute the robustness in accordance with the public key length with bits.
3. Estimate the amount of different types of digital envelopes for destruction.

Indicator 6 Robustness of Application System Certificate
Descriptions:


Using the application system certificate of being issued by Government Certificate Authority to generate digital envelope, time stamps, records manager personal certificate, stored media encapsulation and so on.

Validation Methods:

The robustness is that the key length of Government Certificate Authority and the adopted digital signature algorithm.

Indicator 7 Robustness of Encryption
Descriptions:

1. The odds of encryption key of being deciphered that has been increasing day by day.
2. It could be necessary for performing technical appraisal regularly to re-encrypt and migrate electronic records with better robustness of encryption algorithm.

Validation Methods:

Compute the key length of encryption algorithm to infer the robustness of security of encapsulation.

Indicator 8 Robustness of Hash Values
Descriptions:

1. Keep hash values of external files that were not included in encapsulation.
2. First count the hash values of contents when signing digitally.

Validation Methods:

1. To use hash function to infer the security robustness of hash values
2. The rest of validation methods are same as above.

Indicator 9 Robustness of Personal Digital Signature
Descriptions:

1. Each checkpoint of online approval, the respondent has to deliver electronic documents with personal certificate.
2. The probability of personal certificate has been increasing that could become a serious problem in the near future.
3. Technical appraisal for electronic records has to be performed regularly. The appraisal has been based original digital signatures accompanied with the latest Government Certificate Authority for Application System. The whole procedures of each online approved case could be for reference on next migration.

Validation Methods:

Using the key length of personal certificate and digital signature algorithm to compute the robustness of personal digital signatures.

Last Updated: 2017-12-18
Visitor Counts: 46070