1.
Building Communities of “Trust” Micah Altman, Institute for Quantitative Social Science, Harvard University Prepared for Private LOCKSS Networks: Community-based Approaches to Distributed Digital Preservation Educopia October 2010

2.
Collaborators* <ul><li>Margaret Adams, George Alter, Ed Bachman, Adam Buchbinder, Ken Bollen, Bryan Beecher, Steve Burling, Darrell Donakowski, Gary King, Patrick King, Bill Lefurgy, Jared Lyle, Marc Maynard, Amy Pienta, Lois Timms-Ferrarra. </li></ul><ul><li>Research Support </li></ul><ul><ul><li>Thanks to the Library of Congress (PA#NDP03-1), the National Science Foundation (DMS-0835500, SES 0112072), IMLS (LG-05-09-0041-09), the Harvard University Library, the Institute for Quantitative Social Science, the Harvard-MIT Data Center, and the Murray Research Archive. </li></ul></ul>Building Communities of “Trust” * And co-conspirators

3.
Related Work <ul><li>Reprints available from: http://maltman.hmdc.harvard.edu </li></ul><ul><li>Altman, M., Beecher, B., and Crabtree, J.; with L. Andreev, E. Bachman, A. Buchbinder, S. Burling, P. King, M. Maynard.. (2009). &quot;A Prototype Platform for Policy-Based Archival Replication.&quot; Against the Grain . 21(2): 44-47. </li></ul><ul><li>Altman, M., Adams, M., Crabtree, J., Donakowski, D., Maynard, M., Pienta, A., & Young, C. (2009). &quot;Digital preservation through archival collaboration: The Data Preservation Alliance for the Social Sciences.&quot; The American Archivist . 72(1): 169-182 </li></ul><ul><li>Myron Gutmann, Abrahamson, M, Adams, M.O., Altman, M, Arms, C., Bollen, K., Carlson, M., Crabtree, J., Donakowski, D., King, G., Lyle, J., Maynard, M., Pienta, A., Rockwell, R, Timms-Ferrara L., Young, C., 2009. &quot;From Preserving the Past to Preserving the Future: The Data-PASS Project and the challenges of preserving digital social science data&quot;, Library Trends 57(3):315-33 </li></ul><ul><li>Micah Altman, 2009. &quot;Transformative Effects of NDIIPP, the case of the Henry A. Murray Archive&quot;, Library Trends 57(3): 338-35 </li></ul>Building Communities of “Trust”

4.
Structuring Collaboration for Preservation <ul><li>Risks. </li></ul><ul><ul><li>How can virtual organizations reduce preservation risks? </li></ul></ul><ul><li>Trust. </li></ul><ul><ul><li>What trust relationships should virtual organizations establish among members? </li></ul></ul><ul><li>Evaluation. </li></ul><ul><ul><li>How should the virtual organization and relationships be evaluated? </li></ul></ul>Building Communities of “Trust”

5.
Conjectures <ul><li>Organizations reduce preservation risk by: </li></ul><ul><ul><li>Providing systematic redundancy across diverse … </li></ul></ul><ul><ul><ul><li>Technical approaches: software, hardware, formats </li></ul></ul></ul><ul><ul><ul><li>Institutional environments: funding models, legal regime </li></ul></ul></ul><ul><ul><ul><li>Institutional control: curation, deaccessioning </li></ul></ul></ul><ul><ul><li>Enhancing preservation readiness: </li></ul></ul><ul><ul><ul><li>Awareness of risks and risk management approaches </li></ul></ul></ul><ul><ul><ul><li>Awareness & use of best practices </li></ul></ul></ul><ul><ul><ul><li>Active exercise of cataloging information, licensing terms, API’s </li></ul></ul></ul><ul><li>Trust and evaluation should be based on: </li></ul><ul><ul><li>Linking policy objectives to explicitly-defined roles, actions, and expected outcomes </li></ul></ul><ul><ul><li>Continuous evaluation and monitoring based on organizational incentives, capacity, & commitments </li></ul></ul>Building Communities of “Trust”

6.
One tool… SAFE-Archive Policy-Based Replication & Auditing <ul><li>Facilitating collaborative replication and preservation with technology… </li></ul><ul><li>Collaborators declare explicit non-uniform resource commitments </li></ul><ul><li>Policy records commitments, storage network properties </li></ul><ul><li>Storage layer provides replication, integrity, freshness, versioning </li></ul><ul><li>SAFE-Archive software provides monitoring, auditing, and provisioning </li></ul><ul><li>Content is harvested through HTTP (LOCKSS) or OAI-PMH </li></ul><ul><li>Integration of LOCKSS, The Dataverse Network, TRAC </li></ul>Building Communities of “Trust”

7.
Storage Layers Other than LOCKSS Building Communities of “Trust” System Risks Advantages LOCKSS <ul><li>Single implementation </li></ul><ul><li>Small installed base </li></ul><ul><li>Small development community </li></ul><ul><li>Scalability </li></ul><ul><li>Designed for preservation </li></ul><ul><li>Fault-tolerant </li></ul><ul><li>Minimal trust model </li></ul><ul><li>Harvesting functions </li></ul>IRODS <ul><li>Single implementation </li></ul><ul><li>Small installed base </li></ul><ul><li>-Small development community </li></ul><ul><li>-Complexity of rules system </li></ul><ul><li>-No integrity built in (use ACE?) </li></ul><ul><li>Flexible rules </li></ul><ul><li>Scaleable </li></ul>GnuNet, Freenet, Tahoe-LAFS <ul><li>Complexity of integration </li></ul><ul><li>No support for versioning </li></ul><ul><li>Fault tolerant </li></ul><ul><li>Moderate installed base </li></ul><ul><li>Multiple implementations </li></ul>CrashPlan SpiderOak Mozy <ul><li>Closed source </li></ul><ul><li>Difficult to integrate with </li></ul><ul><li>Licensing fees </li></ul><ul><li>Multiple implementations </li></ul><ul><li>Extensive target storage support </li></ul><ul><li>Extensive reporting </li></ul><ul><li>Commercial support </li></ul>

8.
Why this tool? <ul><li>To facilitate institutions in making commitments aligned with their policies and incentives, and </li></ul><ul><li>Automatically execute and monitor those commitments and policies </li></ul><ul><li>Support Data-PASS partnership agreements and transfer protocols </li></ul><ul><li>This tool provides a thin slice of functionality through the entire policy stack… </li></ul>Building Communities of “Trust”

9.
Another Why… Building Communities of “Trust” R.I.P.

10.
Organizational Support Building Communities of “Trust” NSDA PLN EDUCOPIA DATA-PASS SAFE

11.
Risk Management <ul><li>Risk Identification </li></ul><ul><li>Vulnerability Analysis </li></ul><ul><li>Process, Systems, Institutional Controls </li></ul><ul><li>Detection </li></ul><ul><li>Verification </li></ul><ul><li>Diversification </li></ul><ul><li>Replication </li></ul><ul><li>Insurance </li></ul>Building Communities of “Trust” <ul><li>Economic models </li></ul><ul><li>Advocacy </li></ul><ul><li>Outreach </li></ul><ul><li>Mission </li></ul><ul><li>Strategic planning </li></ul><ul><li>Strategic collaboration </li></ul><ul><li>Transparency </li></ul>Note on “distributed”: - “Distributed” -> multiple autonomous systems + communication channels, - distributed systems often associated with heterogeneous communication costs - “Distributed” ≠ {Replicated, Fault tolerant, Diversified} Sustainability

12.
Building Communities of “Trust” <ul><li>When Describing Mitigation Strategies </li></ul><ul><li>Describe threat category and source </li></ul><ul><li>Describe domain over which mitigation is applied </li></ul><ul><li>Describe what is being monitored or verified </li></ul>THREAT MODELS Category Source Technical Media failure natural, human error, malice Media obsolescence natural Format obsolescence natural Software infrastructure human error, malice Network infrastructure natural, human error, malice External Institution Third party attacks human error, malice Loss of funding natural, human error, malice Change of legal regime natural Internal Institution Curatorial modification human error, malice Loss of institutional knowledge natural, human error, malice Mission change human error Ingest incomplete human error, malice Acquisition failure natural, human error, malice

13.
Trust is an Overloaded Term <ul><li>Individual character - Mensch-like behavior </li></ul><ul><li>“ Trusted systems” </li></ul><ul><li>Provenance of content </li></ul><ul><li>Fault tolerant systems </li></ul><ul><li>Cryptographic privacy/integrity guarantees </li></ul><ul><li>Good inter-institutional relationships </li></ul><ul><li>Good institutional reputation </li></ul><ul><li>Statistical reliability </li></ul>Building Communities of “Trust”

14.
Evaluation Levels <ul><li>Do documented policies & procedures exist? SAS 70 Type I : point-in-time; controls in operation; documented/presented; suitable for control objective </li></ul><ul><li>Are operations consistent with policies and procedures? SAS 70 Type II: tests of control effectiveness over time </li></ul><ul><li>Do policies and procedures reflect appropriate/good/best practices in place to obtain objectives? FISMA Certification: evaluates objectives, threats, vulnerabilities, recommends controls </li></ul><ul><li>Are objectives, goals, mission, values consistent? Examples: CRL, charity navigator </li></ul><ul><li>Does institution have the fitness to honor commitments? Examples: CRL, Standard & Poor’s, Moody’s </li></ul>Building Communities of “Trust” System Analysis Threat Modeling Vulnerability Identification Analysis - likelihood - impact - mitigating controls Institute Selected Controls Testing and Auditing Information Security Control Selection Process

15.
What can we Learn from Open Source Dev <ul><li>Most OSS projects have limited success, at best </li></ul><ul><ul><li>Most fail/expire </li></ul></ul><ul><ul><li>Most have single/small group of developers </li></ul></ul><ul><li>If you build it, users may come </li></ul><ul><ul><li>Developers may come if people who use your tool also develop it </li></ul></ul><ul><li>Incentives </li></ul><ul><ul><li>Ego </li></ul></ul><ul><ul><li>Reputation </li></ul></ul><ul><ul><li>Linked to job incentives </li></ul></ul><ul><li>Structure </li></ul><ul><ul><li>Have a leader (or small cabal) at any point in time </li></ul></ul><ul><ul><li>Transparency </li></ul></ul><ul><ul><li>Governance is linked to participation </li></ul></ul>Building Communities of “Trust”

16.
Knowledge Goods Building Communities of “Trust” Software Best Practice Preserved Digital Content Storage Provisioning Funding (Thin Market) Acquisition Pool Clients

17.
More Questions <ul><ul><li>Policy and evaluation. </li></ul></ul><ul><ul><ul><li>What policies should members adopt to the use of collaboratives in their preservation strategy? </li></ul></ul></ul><ul><ul><ul><li>How should members document the ways in which collaboratives support their preservation strategy? </li></ul></ul></ul><ul><ul><ul><li>When a preservation strategy relies on a collaborative, how should evaluators approach assessment of the collaborative? </li></ul></ul></ul><ul><li>Examination of risks </li></ul><ul><ul><li>Which preservation risks are collaboratives/virtual organizations in the best position to mitigate? </li></ul></ul><ul><ul><li>What additional risks do virtual organizations and collaboratives create? </li></ul></ul><ul><ul><li>How do characteristics of a collaborative, such as geographical diversity affect its ability to reduce preservation risks for its members? </li></ul></ul><ul><li>How do we define “Trust” in ……. </li></ul><ul><ul><li>preservation partners </li></ul></ul><ul><ul><li>preservation technologies and components </li></ul></ul><ul><ul><li>preservation collaborations Who is trusting whom to do what? And what happens if they don’t? </li></ul></ul><ul><li>Trust but Verify </li></ul><ul><ul><li>How can collaborations balance trust and risk? </li></ul></ul><ul><ul><li>What evidence is required to substantiate trust? </li></ul></ul><ul><ul><ul><li>Audit Reports? </li></ul></ul></ul><ul><ul><ul><li>MOU’s? </li></ul></ul></ul><ul><ul><ul><li>Contracts? </li></ul></ul></ul>Building Communities of “Trust”

18.
Contact Us <ul><li>Micah Altman </li></ul><ul><li>maltman.hmdc.harvard.edu </li></ul><ul><li>Jonathan Crabtree </li></ul><ul><li>www.irss.unc.edu/odum/jsp/content_node.jsp?nodeid=522 </li></ul><ul><li>Nancy McGovern </li></ul><ul><li>www.icpsr.org/icpsrweb/ICPSR/staff/mcgovern.jsp </li></ul>Building Communities of “Trust”