Difference between revisions of "ESciDoc Component Checksum Calculation"
Revision as of 13:12, 12 March 2009
Checksum calculation for eSciDoc components is important for several reasons:
- long-term preservation
- ensuring that users get exactly the content that is stored in an eSciDoc repository instance
The eSciDoc Object Manager core service must ensure that a checksum is calculated for all internally managed content of an eSciDoc component.
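As an illustration of the second point, the following minimal sketch recomputes a digest over retrieved content and compares it with a previously stored value. It is written in Python purely for brevity; the function name `content_matches` and its parameters are hypothetical and not part of any eSciDoc or Fedora API.

```python
import hashlib
import hmac


def content_matches(content: bytes, algorithm: str, stored_hex: str) -> bool:
    """Return True if the digest of `content` equals the stored checksum.

    Hypothetical helper: `algorithm` is any name accepted by hashlib.new(),
    `stored_hex` is the hexadecimal checksum recorded when the content was stored.
    """
    recomputed = hashlib.new(algorithm, content).hexdigest()
    # hexdigest() is lowercase, so normalise the stored value before comparing.
    return hmac.compare_digest(recomputed, stored_hex.lower())
```

A mismatch only shows that content and checksum no longer agree; it does not say which of the two was altered.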
Scenarios
- A checksum is always calculated for newly created files
- A checksum is always calculated when new file content is uploaded to replace previous content
Post-condition
- A checksum for internally managed content is available, at the latest, before an item is released
- The checksum of the internally managed content and the algorithm used are delivered with the component properties, or within the content properties
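The scenarios and post-conditions above can be sketched as follows, assuming the content is available as a byte stream. The class `Component`, the function `checksum_properties` and the property keys `checksum` and `checksum-algorithm` are hypothetical names chosen for illustration; the default of MD5 is arbitrary and the algorithm is a parameter.

```python
import hashlib
import io
from typing import BinaryIO, Dict


def checksum_properties(stream: BinaryIO, algorithm: str = "md5",
                        chunk_size: int = 64 * 1024) -> Dict[str, str]:
    """Read the stream in chunks and return the checksum plus the algorithm used."""
    digest = hashlib.new(algorithm)
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    # Hypothetical property names; the real component properties may differ.
    return {"checksum": digest.hexdigest(), "checksum-algorithm": algorithm}


class Component:
    """Hypothetical stand-in for a component with internally managed content."""

    def __init__(self) -> None:
        self.properties: Dict[str, str] = {}

    def set_content(self, stream: BinaryIO, algorithm: str = "md5") -> None:
        # Called both on creation and when uploaded content replaces older
        # content, so the stored checksum always refers to the current content.
        self.properties.update(checksum_properties(stream, algorithm))
```

Because the checksum is recalculated on every call to `set_content`, it is available well before release, and the algorithm name travels with it.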
eSciDoc and Fedora checksum built-in functionality
Fedora can calculate a checksum for each datastream in the repository, but its default configuration does not do so.
For more details see Fedora checksum calculation
This leaves two options:
- override the default Fedora checksum behaviour (as described in the Fedora documentation)
- provide a separate checksum operation within the internal logic of the Object Manager component
Checksum Algorithms
- see Checksum@Wikipedia
- see Hash functions overview
- see MD5 algorithm
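If checksums from more than one algorithm are wanted, they can be computed in a single pass over the content. The sketch below assumes Python's `hashlib`; the function name `multi_checksum` and the default list of algorithms are illustrative choices, not a recommendation made by this page.

```python
import hashlib
import io
from typing import BinaryIO, Dict, Iterable


def multi_checksum(stream: BinaryIO,
                   algorithms: Iterable[str] = ("md5", "sha1", "sha256"),
                   chunk_size: int = 64 * 1024) -> Dict[str, str]:
    """Return {algorithm name: hex digest}, reading the stream only once."""
    digests = {name: hashlib.new(name) for name in algorithms}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        # Feed the same chunk to every digest object.
        for digest in digests.values():
            digest.update(chunk)
    return {name: digest.hexdigest() for name, digest in digests.items()}
```

Reading the content once keeps the I/O cost roughly independent of the number of algorithms; only the CPU cost grows.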
Questions
- Some systems create checksums with several different algorithms at the same time. Is this also important for the eSciDoc Repository?
- Is a checksum also needed to prevent malicious manipulation? If so, signatures over these checksums are needed, assuming that someone who can change content in the storage backend may also be able to change the FOXML in the storage backend. Frank 13:12, 12 March 2009 (UTC)
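To make the last question concrete, the sketch below protects a checksum with a keyed HMAC. Note that this is a stand-in: an HMAC is a symmetric message authentication code, not a public-key digital signature, and it is used here only because the Python standard library offers no asymmetric signing. The function names and the idea of keeping the key outside the storage backend are assumptions for illustration.

```python
import hashlib
import hmac


def seal_checksum(checksum_hex: str, key: bytes) -> str:
    """Return an HMAC-SHA256 tag over the checksum string (hypothetical helper)."""
    return hmac.new(key, checksum_hex.encode("ascii"), hashlib.sha256).hexdigest()


def seal_is_valid(checksum_hex: str, seal_hex: str, key: bytes) -> bool:
    """Check that the tag matches the checksum under the given key."""
    expected = seal_checksum(checksum_hex, key)
    return hmac.compare_digest(expected, seal_hex)
```

Someone who can rewrite both the content and its stored checksum still cannot produce a matching tag without the key, provided the key is not kept in the same storage backend.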