Digital Object Architcture An open approach to Information Management on the Net Bibliotheca Alexandrina Dr. Robert E. Kahn Corporation for National Research Initiatives Reston, Virginia November 19, 2009

Historically The initial challenge was to get different computers to interoperate when they are all on a single network. Subsequently, the Internet challenge was to get different packet networks to interoperate And enabling computers on those diverse networks to talk to each other reliably One initial objective was communicating bits without regard for what the receiver would later do with them Or for hostile intermediate actors Mission Accomplished in the mid 1970s Things have gotten much more sophisticated since then

What is the Internet Its a set of protocols and procedures that allow different computers and networks to interoperate. It links together virtually any packet network, independent of its internal characteristics The Internet is not itself a network. Rather its a global information system where the information flows allow the different constituent networks to work together.

Trust and Authentication These are both critical aspects Bits received can always be checked for correctness using agreed encryption techniques –Certain techniques may be easier to employ –Others may be more efficient But applications can be corrupted, and systems can be compromised But even if the underlying application runs (apparently) properly, one needs to be sure that nothing nefarious is going on?

Focusing I purposely focus in the remainder of these remarks on what one can do to manage information in the Internet environment I purposely do not address physical threats of the form that destroy capabilities. Surreptitious physical threats that modify capabilities lie in-between I assume that all system components as well as information in digital form may be viewed as logical entities, of the same genre – known as digital objects And communication between components (including users) is authenticable in a single logical fashion. Given this, the problem is transformed into two alternate ones –how can the authentication be managed systemically –how can the components protect themselves from information attacks.

Properties of DOs They are machine independent and portable from platform to platform Parts of a digital object may be accessed and protected separately from the object as a whole Authentication of a DO may be enabled by using fingerprints of one or more parts of a DO Which enables portability of such objects in many situations.

What are Digital Objects If you cant uniquely identify a digital object, it doesnt qualify as a digital object Its not the same as a name, its more like the objects dna. You can exist without a name, but not without your dna Like dna, the identifier must be a part of the digital object A digital object (DO) is defined as structured data, that is machine parsable, and which contains a unique persistent identifier.

Is that all there is to a DO? In one sense, yes. In another sense, no. An important part of a DO is what I call the payload. When one accesses a DO, the payload is normally what is wanted But a DO will generally have associated with it additional information, known as metadata, that provides state information about the DO. –Some of the metadata is always part of the payload –Some (or even all) of the metadata may be stored apart from the payload or even duplicated there And a part of the metadata may be transaction information referencing the use of that digital object.

Finding DOs In many cases, one may know the identity of a DO a priori or even its location; in other cases, one may only know properties or characteristics of a DO and must rely on that knowledge to find it. Search engines find web pages on the Internet by crawling the Web; but many computers, applications and systems are not available for a public crawl But they can be characterized explicitly by their owners, managers or creators or with their permission Systems that provide this information are called Metadata Registries. At a minimum, such registries respond to queries by returning the digital object identifiers, usually in a presentation format that can be visualized by a user. Within the government, a good example of a metadata registry is ADL-R, created for the Advanced Distributed Learning Initiative in the Pentagon.

Metadata Registries Are generally used for searching, browsing or creating collections of information They do not track operational details The identifiers they return may be resolved to determine the relevant state information via a resolution system We call these identifiers handles The Handle System is the pre-eminent system for resolving digital object identifiers

Handle System A general purpose resolution system A detailed description is at It has been operational on the net since 1994 and is in widespread use in many applications Software may be downloaded from the net and users can run their own local handle services Resolution of a handle produces a handle record which contains state information needed for immediate decision making or action For example, the state information may contain –One or more IP Addresses –Terms and Conditions for access –Public Keys –Authentication information to validate the object itself

Repositories Repositories provide access to digital objects A repository may be a housed in a physical location, or it may be a mobile program. Communication with a Repository is via the digital object protocol which supports – Access to DOs based on handles – Authentication in both directions.

Repository Notion Storage System Digital Object Manager Digital Object Protocol REPOSITORY

DO Repository Server Software Takes inputs based on identifiers and returns digital objects Connects to existing and older legacy systems Based on an open architecture Achieves interoperability with other repository systems that support the protocol Can provide additional application dependent functionality, if desired, by depositing executable digital objects

Specific Interface Capabilities Standard Interface is at a meta level Allows new functionality to be added by defining new digital objects Supports Authentication of Users and Services Provides object level protection

Extensible Interface Where H1 is a handle for the operation to be applied to the Target DO H2. Similarly both A and B are known by their Handles HA and HB. The steps of the protocol are Establish a connection from A to B {Optionally} A asks B to authenticate himself If successful, A provides an input string to B {Optionally} B asks A to authenticate herself B provides the results of the operation Either party may choose to continue or close

Displaced Vulnerabilities? The Handle System can be attacked –But its fully distributed, can be replicated –And can be locally protected from external unauthorized intrusions so external actions wont affect local usage Private Keys can be lost –But revocation will prevent continued damage –And replication of digital objects can mitigate against corruption of information

Vulnerabilities (contd) Registries can be corrupted, or access denied to authorized users due to hostile action. Replication of registries is one solution to this problem. Repositories may be corrupted and produce the wrong information. One must take care where one trusts the deposit of information, just as one must take care in depositing other assets in, say, banks

Bottom Line This approach allows for digital information to be managed effectively over very long as well as very short time frames All the architectural components have well defined open interfaces, protocols and returned objects which will stand the test of time. The architecture allows investment into creating of digital information to be made once and easily ported from technology base to technology base. The modular nature of the architecture allows the system to be managed component by component