The present disclosure relates generally to computer science, and more particularly relates to a data processing and storage apparatus, a method for operating a data processing and storage apparatus and computer executable instructions on a computer-readable non-transitory storage medium for retention management on digitally stored data objects.
In business and legal practice the secure management of a retention date for a business record may become very important. The retention date denotes the end of the period a certain document or similar embodiment of information has to be kept available for retrieval. After expiration of the retention period the respective item may be deleted. In the world of digital storage, the retention data of a data record is commonly understood as a metadata associated thereto and preventing the storage system from fulfilling any request for deletion of the record before the retention date has been reached. An example might be digitally stored tax receipts which need to be kept for many years by law. To meet the requirements of the law the records have to be stored in a system that honors the retention date of the records and prevents the premature expunging of the record. Not sufficiently keeping the records as required by law can lead to legal consequences but also business consequences, e.g. loss of a copy of a signed contract. Therefore, retention management has to be protected from being tampered with or becoming corrupted by hazard.
Known solutions to the record's protection problem can be relatively easily bypassed or “hacked”. Simple examples of tampering are modifying the retention date in a database where retention dates are usually kept. As another simple but effective measure is “fast forwarding” the time on a system clock that can be done by a single operating system administrator thereby causing lots of documents and records becoming irrevocably destroyed. The same damage will result from an unintentionally wrong setting of the system time.
Especially in the context of cloud computing the control and protection of records has become more challenging as more and more system and solution components of a system managing retention are not controlled by the owner of a record but the cloud provider. Relatively strong protection is required that can work for a solution providing retention management in a cloud context.