In order to clarify the scope of the present invention, it is first necessary to state how the terms “data archiving” and “data preservation” are used in this application. Conventional approaches to digital data archiving, also termed digital data storage, use a variety of storage media such as magnetic tape or disk and optical tape or disk media, and may employ techniques such as periodic tape backup, redundant disk storage, and the like. Use of these storage media and techniques provides some level of assurance that a digital data file can be reliably retrieved for at least a few years after it is initially created and stored. In contrast to digital data archiving, digital data preservation is a relatively new concept for data storage. Only recently has it become apparent that there is considerable need for workable solutions that allow long-term storage of digital data for periods exceeding those provided by established data archiving methods. Conventional data storage and archiving systems provide limited term solutions that allow reliable retrieval of backed-up digital data for a period of approximately 5-10 years. Data preservation systems, on the other hand, must provide solutions that not only allow retrieval of digital data after much longer periods, but also are capable of allowing usability of the data for periods extending decades or even hundreds of years into the future. This life-span is conditioned in large part by the projected life-span of preservation media, expected to last for hundreds of years when stored under suitable conditions.
In contrast with conventional digital data archiving, digital data preservation offers a number of added advantages. For example, in order to be readable and usable years hence, archived digital data requires some type of migration, such as from one media type to another or from an earlier data format to a later data format. Without migration of some kind, archived digital data, over time, gradually becomes unreadable and therefore loses its value. In stages, the archived data first becomes unusable, as data formats, application software and operating systems are revised or replaced. Then, as reading and processing hardware and archival media become obsolete or age with time, the archived data simply becomes unrecoverable. The task of maintaining archived data in a useable form through migration can be daunting, requiring, over a period of years, that the archived data be translated from one data format to another or transferred from one storage medium to another, or transformed from old application to a new application. With repeated migration operations, there is increased likelihood of error and of loss of interpretable data. According to some industry estimates, as much as 5% of stored data can be lost during a typical migration operation. Thus, maintaining archived digital data for long periods of time may be costly and labor-intensive and can involve risk of data loss and the possibility of data tampering.
In contrast to such well-known difficulties with digital data archiving, digital data preservation would allow digital data to be retrievable in a readable state for many years. Ideally, digital data preservation would eliminate, or at least alleviate, any need for data migration and its concomitant costs and risks. Users of digital data preservation systems would thus enjoy the benefits of minimal risk for data tampering, loss, or obsolescence, even in the event of severe infrastructure disruption.
Digitally created documents, created using some sort of logic processor and maintained in file form, are often shared among multiple users in digital form, some only rarely being written to paper. Typically, digitally created documents are stored and transferred as files in open data formats, such as TIFF, HTML, JPEG, XML, PDF, or .txt, for example. By design, some of these open data formats can be routinely interpreted by software running on a number of different computer platforms. Alternately, other common data formats are designed to be proprietary, interpretable only using specific application software. A goal of digital preservation is to retain the usability and original intention of the data without requiring migration of data format or of data storage mechanisms, allowing files to be certifiably unaltered in their interpreted form, able to be used for purposes such as legal evidence, for example.
In order to have preserved records considered as “certifiably unalterable,” so that, for example, such records could even be considered as legal evidence, a preservation system would need to provide “Write-Once/Read-Many-Times/Erase-Once” function. Write-Once capability would disallow alteration of preserved data and unauthorized addition of records to preservation media. Read-Many-Times capability would allow retrieval of preserved data from the media with consistent accuracy. Erase-Once capability would assure complete expungement of specific data records as needed.
Current archiving methods for digital data, allowing access to data only in digital format, have a number of shortcomings. Among problems well known by those skilled in the data archiving arts are aging of equipment, limitations in the useful life of magnetic and optical storage media, and inevitable obsolescence of data formats, particularly where data formats are closely associated with specific hardware or with specific versions of operating systems or programming languages.
Long term preservation of digital data requires both that the original data be faithfully preserved and that this data can be interpreted in some form at any time in the future. This requirement means that the organization that stores the digital data can provide, at some future time, access not only to screen displays, printouts, and other system output, but also to the original data used to generate such output. To achieve this goal, methods for retrieving preserved digital data must be, insofar as is possible, independent of specific equipment. While there may have been various attempts at developing universally accepted data formats for different types of files, few standards have been developed or are likely to be adopted.
Human readability is a useful characteristic for a data preservation system. The encoding of data in human-readable form even provides advantages that have previously been overlooked in any scheme for data encoding and archival. For example, there are baseline advantages for verifying authenticity of a document encoded in human-readable form, and thus for irrefutably validating the fidelity of the document to its original source. Future users of a document would then be assured that a preserved version would be a valid and true copy of an original document.
FIG. 1 illustrates the conventional approach to digital data archiving. Digital data is processed by a central processing unit (CPU) 200 running some type of operating system 204. An application 202, using utilities available from operating system 204, provides digital data output in some binary, machine-readable form. This digital data output is only usable to the originating application 202, or to another software application compatible with application 202. The digital data output has value only when interpreted and presented by application 202 in some form, such as that of a static display of text or images, interactive calculation, web page with dynamic links, or multimedia presentation for example. In the conventional model of FIG. 1, a binary storage hardware apparatus 206 stores the digital data output from application 202 onto binary storage media 208, such as magnetic tape, disk, or optical disk. With the arrangement of FIG. 1, the archived data is in an application-dependent form and therefore becomes unusable if the originating application 202 or operating system 204 become obsolete. Archived data also becomes unusable as binary storage media 208 degrades over time.
Technology development, by which early systems and software become obsolete, replaced by increasingly more capable tools, is also an important consideration with respect to digital data preservation. Anticipated developments in data networking technology, in data interface methods, and in imaging technologies for storage and retrieval are likely to bring about corresponding changes in system hardware, with various components of a system becoming obsolete over time. Inherent to the design of a digital data preservation system solution must be a clear-cut strategy for allowing continuous upgrade, component by component, without jeopardizing the integrity and usability of the preserved digital data.
Analog preservation media, such as microfilm, have been widely used for long-term retention of documents, drawings, and flat ASCII files, where data is encoded visually as black and white images. Among proven benefits of such media are long lifetimes, capability for very high resolution, and inherent human readability. These analog preservation media have traditionally been used in systems employing optical cameras for recording and storing analog data, typically images of documents. With the growing need for retention of computer data, these analog media have also been employed in digital document archiving systems, such as the Document Archive Writer, Model 4800, manufactured by Eastman Kodak Company, Rochester, N.Y. Other Computer-Output-Microfilm (COM) recording systems have used similar analog media for long-term retention of processed and displayed data, in printout form. It is significant to note that existing systems use these types of analog preservation media solely for storing black and white images of documents that may be output by a typical application 202 (FIG. 1). Storage of digital data from application 202 is performed using conventional, magnetic or optical binary storage media 208.
A digital data file for preservation by a digital preservation system can originate from any of a number of sources and could comprise any of a number of types of data. As just a few examples, digital data files could be generated from scanned documents or scanned images, where the original source for the data was prepared or handled manually. Digital data files may comprise encoded bitonal images, grayscale images, or even color images, such as the halftone separations used in color printing. Digital data files could be computer-generated files, such as spreadsheets, CAD drawings, forms created on-line, Web pages, or computer-generated artwork. Interactive and sensory stimuli such as sound and animation can also be stored as digital data files. Digital data files might even contain computer software, in source code or binary code format. In summary, there can be a need for long-range preservation of any type of digital data file, whether the actual file content is meaningful to an observer, such as when the file contains a document of some kind, or to a computer, such as when the file consists only of encoded computer program instructions.
Preservation of a digital data file typically requires that the data file be packaged in some standard format, so that at least some amount of metadata, that is, data about the file itself, can be stored with the data. For example, metadata associated with a CAD file might identify the originating software and revision, date of creation and revision of the data, designer name, departmental and project-related identifiers, delivery or completion date, workflow listing, access permissions levels, and the like. Metadata content can include not only basic information such as file ID and look-up information, but also information that optimizes subsequent data retrieval and interpretation, such as image quality metrics, and media/writer characteristics.
The likely obsolescence of specific data formats over time confounds the problem of data preservation. Depending upon the type of data source and upon factors such as the specific nature of a data file, many data formats can be expected to fade from use, thereby jeopardizing possible recall of data content at some future time. A number of organizations have already encountered this problem, acknowledging that sizable amounts of stored data have become very costly or even impossible to retrieve reliably.
Meanwhile, there have been some promising solutions proposed for providing data in a form that will continue to be readable in the future. One method intended to achieve this goal is the extensible markup language (XML) initiative. XML, document type description (DTD), and XML Schema constructs provide a degree of self-definition, inherently open structure, and computer platform portability and provide tools for data formatting by which definitions of data components can themselves be stored as metadata associated with a data file. However, there has been no attempt thus far to provide solutions using extensible markup languages and techniques that support long-term preservation and retrieval of data.
There have been methods disclosed for storing documents in a machine-readable format that is perceptible to a human observer. PCT application 00/28,726 (Smith, Leonhardt, Frary) discloses storage of a two-dimensional document on a laser-writeable optical storage medium, wherein an image of the document is written onto the media along with the binary data representing the digital record. However, the solution disclosed in PCT application 00/28,726 is limited to storage of document data, which is merely a subset of the complete set of data types that may need to be preserved. A significant drawback of the PCT application 00/28726 system is that it employs conventional, optical storage medium, optical disk or tape written using a laser, thus limiting the lifetime of stored data. Furthermore, the Write-Many-Times characteristic of the system disclosed in PCT application 00/28726 makes the system unsuitable for preserving data records that are certifiably unaltered over time. Data written using the system disclosed in PCT application 00/28726 may be marginally “human-perceptible” in the sense that the visible effects of marking the optical medium under varying laser intensities could be perceived and interpreted by a human observer trained to interpret the resultant markings as binary 1s and 0s. However, this encoding method is inefficient in providing truly “human-readable” data that would be directly readable using a scanner or could even be read from the media by a human observer. Without intervening hardware, with its incumbent system dependencies, the binary data stored on the optical medium as disclosed in PCT application 00/28726 would be extremely difficult to obtain.
Commonly-assigned copending U.S. patent application Ser. No. 09/703,059, filed Oct. 31, 2000 discloses long term preservation methods for document data stored in virtual folders, utilizing an analog medium such as film. As with other solutions, this system does not provide the full set of possible preservation functions for a digital file. Significantly, the method noted in U.S. patent application Ser. No. 09/703,059 is limited to preserving the image of the document only, with no attempt to preserve the digitally created document data itself nor the metadata associated with the document in human-readable form.
The above-mentioned solutions, focusing more narrowly on saving documents and images for a time, have provided only “single point” solutions that are not adequate for addressing the larger data preservation problem. Documents themselves make up only a small subset of digital data that must be preserved. Typical forms of digital data other than documents that may require preservation include grayscale and color pictures and diagnostic images; spreadsheet data; satellite data and other instrumentation readings; audio, video and multimedia presentation data; software; HTML content; and database records, for example. It can be appreciated that preservation and retrieval of this broader base of digital data types requires alternate approaches beyond what may be needed for document preservation. For example, with digital data in this broader category, there may be a greater need for retention and retrieval of other underlying, related data, such as source data associated with or used to generate some part of an image or document.
Conventional archiving solutions have largely been implemented in piecemeal fashion. For example, aware of a need to archive specific documents or images, an organization typically purchases a writer and some form of compatible storage media. With a growing body of archived documents and images, some form of reader is then integrated into the system, possibly along with a printer for reprinting the archived image or document. Some form of record-keeping is maintained in order to track documents stored and to manage revision and disposal cycles. Over time, as different equipment becomes obsolete or as newer equipment becomes available, replacement and implementation of additional components allows growth or upgrade of the conventional system. Typically, a considerable allocation of labor is required in order to work with components of the conventional system for entry of new archival documents and images and for servicing retrieval requests from users of the archival system.
In brief, the conventional archiving system must be designed by its users and assembled and integrated with components from different manufacturers. Strategies for system upgrade, for equipment replacement, for network interconnection, and for handling eventual obsolescence of the format of archived information are largely implemented ad hoc, resulting in considerable concern that such systems will provide their users with future access to valuable archived data.
There is growing awareness in legal and technology circles of the need for authentication of document data as genuine. Digital signatures have been developed as a widely accepted method for certifying the validity of an electronic document, where the document data may need to be transferred over a network or recorded onto a data medium. A digital signature is a binary data element that is computed using data characteristics of the electronic document itself and a private key that is unique to the signer. A publication of the NIST (National Institute of Standards and Technology), Federal Information Processing Standards Publication 186 (FIPS 186, May, 1994) entitled “Specifications for Digital Signature Standard (DSS)” terms a digital signature an “electronic analogue of a written signature.” The digital signature serves to verify that a document was signed by its originator and that a version of the document is identical to the original, without error in transmission, tampering, or other error.
When a digitally signed document is transmitted or stored, its digital signature is coupled to the document for later verification. A number of patents are directed to systems employing digital signatures, encoded timestamps, or similar verifiers for validating documents being stored or transferred, including the following:                U.S. Pat. No. 6,289,460 (Hajmiragha) discloses a document management system that includes a digital notarization scheme for providing security of stored documents.        U.S. Pat. No. 6,263,438 (Walker et al.) discloses a method and apparatus for timestamping secure document data.        U.S. Pat. No. 6,185,683 (Ginter et al.) discloses a document distribution environment that provides enhanced security and electronic signatures.        U.S. Pat. No. 5,790,677 (Fox et al.) discloses a system and method for electronic commerce using encryption for secure document distribution.        U.S. Pat. No. 5,765,152 (Erickson) discloses a secure on-line electronic media distribution system that employs digital signatures for data authentication.        
For each of the above-mentioned patents, only a digital workflow is involved, with digitally signed data handled as binary data elements throughout the process. There is no suggestion of how digitally signed data can be applied and used in systems that handle and preserve data in human-readable form.
While there have been conventional approaches for ensuring document data validity in storage, retrieval, and transfer operations using digital signatures, there are no known methods for preserving a digitally signed document in human-readable form. It can be appreciated that reliable methods for preserving such accompanying authentication information would have substantial value with a digital preservation system that maintains document data in human-readable form, for usability in the near or distant future.
Thus, it can be seen that there is a demand for a digital data preservation system that provides a way of preserving digitally signed document data with authentication, particularly where the document data itself is preserved in human-readable form.