Before we demonstrate how the open archival information system (OAIS) can be used to preserve information, let’s think about the reasons for preserving it in the first place. What qualifies information to be transferred to an archive instead of deleting it, when it is not needed for your day-to-day use anymore? Why not simply delete it?
There are usually several reasons for archiving information, but the two main ones are most often regulatory compliance and business needs. Both force a business to make sure that information is not deleted or modified until their obligation to preserve the information has expired.
One of the requirements that needs to be followed – when looking at US law for example – is the Sarbanes-Oxley-Act (SOX). SOX was passed in the early 2000s as a reaction to corporate and accounting scandals. It does not only oblige companies to protect electronic documents that must be retained against deliberate deletion, alteration or destruction, but they must also be able to prove that no alterations or manipulations have been made to these documents. SOX is only one requirement that needs to be addressed. Considering a company that is located in different countries or even continents makes the assessment of considering all the requirements more complex.
Digital technology can come in handy to store information subject to retention. However, “the rapid obsolescence of digital technologies creates considerable technical dangers, particularly a much greater risk than in the past of losing the possibility of restoring, rendering or interpreting information.” This means that it is not sufficient to simply store the information, you have to make sure, that the information can be read and interpreted correctly, even after a long period of time. Just consider the fact that the software, which was used to create a certain information, is not available anymore. How are you going to look at an excel sheet if Microsoft Excel is not available anymore?
Knowing these requirements leaves a company with the question how they are going to ensure the safekeeping of their information. This is where OAIS comes into play.
Since the question of preserving information is such a broad one, there have been several approaches in addressing it. The most prominent was developed by the Consultative Committee for Space Data Systems (CCSDS). They developed OAIS which is “an archive, consisting of an organization, which may be part of a larger organization, of people and systems that has accepted the responsibility to preserve information and make it available for a designated community”. This approach has become the ISO standard 14721:2012 for archiving.
The ISO standard 14721:2012 describes which storage and preservation functionality an archive needs to provide in order to qualify as an OAIS archive. Figure 1 gives a simplified overview of the complete OAIS structure. There are six main functionalities being surrounded by an environment which is comprised of three types of roles.
One of the roles is a producer. The producer can be a person or a system that provides the information that needs to be preserved. Management is responsible to set global policies for the OAIS. The consumer on the far-right side is the designated community which interacts with the OAIS services in order to obtain preserved information.
In OAIS a producer that provides information to the archive does this in a format called a Submission Information Package (SIP). Once the information is inside the archive, the information package is called an Archival Information Package (AIP). Finally, when an information is being requested and given to a consumer it is called a Dissemination Information Package (DIP).
Some of the responsibilities of the five functionalities that an OAIS archive takes care of are:
For more details consider reading the recommended practices which you can find in the official Magenta Book.
We have seen that preserving information is important and that the OAIS reference model was designed to help us with that. Unfortunately, that is not the whole story. There are still a lot of individual aspects that need to be considered. OAIS was designed not to be too strict on how to implement the process. It gives a lot of freedom to the implementer, leaving room to make adaptions according to your needs.
However, this is also part of the downside. It is necessary to define the requirements towards an archive for your individual use case. There are many software implementations out there that use the OAIS standard. However, they all do it quite differently. To know which one is the best fit for your company is essential.
For example, one company might only be interested to implement an archive to store all historical data, whereas another company wants to keep an archive for compliance reasons. The security aspect for the two different use cases can vary quite a lot. To ensure due diligence and preserve all required information, it is essential to create an adequate SIP containing all the necessary information including metadata. Metadata is especially important as it describes your information and gives it the right context.
It is therefore important to perform an adequate assessment before sending data off to the archive. This is where migration center can be of essential use. It not only combines and protects the data, it also creates adequate SIP packages for the archive.
I hope you got at least a small sense of the approach a company can take in order to preserve their information. Keep in mind that the underlying OAIS process can be very helpful in your effort to keep your information safe. However, also remember that you need to adequately assess all the information and its metadata up front.
The effort to keep track of all these requirements can seem overwhelming at a first glance. That is why we are happy to bring in our experience to support you in setting up your archiving process. Feel free to get in touch to discuss your scenario with one of our experts.