Hi, I’m new to the LTANS community but I understand that someone has suggested using the WebDAV protocol to implement a long term archive. I’ve spent some time thinking about whether this would be desirable/feasible and would like to hear your opinion on that.

1. Why use WebDAV?

WebDAV is already supported on Microsoft Windows and Linux as a virtual mounted drive. The archive _could_ be designed to allow users the convenience of using their favorite application to file/save and file/load their data directly to and from the archive server. The popular Apache web server includes a module supporting WebDAV which allows the implementer to implement an arbitrary back end for WebDAV data storage (i.e. file system, database, etc.). WebDAV already provides the basic functionality of a file archive through its GET, PUT, MKCOL (i.e. mkdir), COPY, MOVE, DELETE, LOCK, UNLOCK, PROPFIND (property find), and PROPPATCH (property write/create) operations. WebDAV properties can be associated with data objects and collection objects (i.e. collections are similar to directories). WebDAV creates a namespace very similar to the hierarchical directory structure used in a file-system but allows the user to declare and manage arbitrary properties for each file or collection.

2. How would the basic requirements of LTANS be implemented using WebDAV?

Submit data – PUT (creates or overwrites a data object in the WebDAV archive)

Retrieve data – GET (reads a data object in the WebDAV archive)

Delete data – DELETE (removes a data object from the WebDAV archive)

Specify/extend archivation period – PROPPATCH (store the ‘archivation period’ in metadata associated with data object)

Request/response authentication – Using Apache with mod_dav to host WebDAV allows a large list of authentication methods for secure communication with users.

Delete must be authenticated – Each individual WebDAV command (e.g. DELETE) may be individually restricted.

Submitting data together with previously generated evidence – PUT and PROPPATCH (evidence placed in metadata associated with data object)

Providing evidence records for data objects – PROPFIND (get the evidence in metadata associated with data object)

Work efficiently even for large amounts of archived data objects – Using the Apache webserver to provide WebDAV allows the use of an industrial strength server.

Support for evidence that applies to a collection of data objects – PROPPATCH/PROPFIND on the properties of the containing collection object

NOTE: The ‘archivation period’ and ‘evidence’ associated with a data object should be implemented using WebDAV properties associated with each data object. Trusted archive client software would have to be provided to support WebDAV property management (i.e. using PROPFIND/PROPPATCH) for the data objects in the archive.

NOTE2: For each WebDAV operation the URI of the resource must be specified. Most WebDAV operations will also work on a collection (i.e. dir) if that is specified.

3. How can we store binary evidence data using WebDAV properties?

WebDAV stores unbound file metadata as XML properties. XML cannot store binary data without a conversion into one of the supported character sets specified in the XML standard. Binary data must be converted or the XML parser will halt with an error as soon as it encounters an invalid character for the specified character set. There are a number of common conversion methods (e.g. base64, Huffman coding, etc…) but none of them are as efficient as leaving the data in binary form. Having binary data in the data object isn’t a problem. For the properties associated with the data object binary data must be converted.

Summary: WebDAV can provide the basic archive services required for LTANS. Further work must be done to map the server’s evidence preservation activities into the WebDAV model. This is just a rough cut at trying to provide a mapping of the LTANS requirements onto WebDAV. If this idea is accepted favorably then I would recommend additional research on WebDAV and the preparation of a more detailed proposal. It would be nice to have a proposal that includes detailed use cases to explain how WebDAV structures would be managed. I will look forward to your feedback and would be willing to further develop these concepts...

Warren Wilbur
Orion Security Solutions, Inc.
703-917-0060 x34
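
Added example, not part of the original message: sections 2 and 3 above propose keeping the archivation period and the evidence in WebDAV properties, with binary evidence converted for XML. The Python sketch below builds such a PROPPATCH body using base64 and recovers the bytes from a PROPFIND response; the `urn:example:ltans` namespace, the property names and the sample data are assumptions made for illustration.

```python
import base64
import xml.etree.ElementTree as ET

DAV = "DAV:"
LTANS = "urn:example:ltans"  # hypothetical namespace for the archive's properties
ET.register_namespace("D", DAV)
ET.register_namespace("A", LTANS)

def build_proppatch(evidence: bytes, archivation_period: str) -> bytes:
    """PROPPATCH request body that sets both properties on one data object."""
    update = ET.Element(f"{{{DAV}}}propertyupdate")
    prop = ET.SubElement(ET.SubElement(update, f"{{{DAV}}}set"), f"{{{DAV}}}prop")
    ET.SubElement(prop, f"{{{LTANS}}}archivation-period").text = archivation_period
    # Binary evidence is base64-encoded so the property value is plain ASCII text.
    ET.SubElement(prop, f"{{{LTANS}}}evidence").text = base64.b64encode(evidence).decode("ascii")
    return ET.tostring(update, encoding="utf-8")

def extract_evidence(multistatus: bytes) -> dict:
    """Map href -> decoded evidence bytes from a PROPFIND 207 Multi-Status body."""
    found = {}
    for resp in ET.fromstring(multistatus).findall(f"{{{DAV}}}response"):
        href = resp.findtext(f"{{{DAV}}}href")
        for propstat in resp.findall(f"{{{DAV}}}propstat"):
            status = (propstat.findtext(f"{{{DAV}}}status") or "").split()
            if len(status) < 2 or status[1] != "200":
                continue  # property missing or not readable for this resource
            node = propstat.find(f"{{{DAV}}}prop/{{{LTANS}}}evidence")
            if node is not None and node.text:
                found[href] = base64.b64decode(node.text.strip(), validate=True)
    return found

def parses_as_xml(body: bytes) -> bool:
    """True if the body is well-formed XML; raw binary in a property is not."""
    try:
        ET.fromstring(body)
        return True
    except ET.ParseError:
        return False

# Constructed sample data: a few bytes standing in for a binary evidence record.
EVIDENCE = bytes([0x30, 0x82, 0x00, 0x01, 0xFF, 0xFE])
SAMPLE_MULTISTATUS = (
    '<D:multistatus xmlns:D="DAV:" xmlns:A="urn:example:ltans">'
    '<D:response><D:href>/archive/doc1.pdf</D:href><D:propstat><D:prop><A:evidence>'
    + base64.b64encode(EVIDENCE).decode("ascii") +
    '</A:evidence></D:prop><D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>'
    '<D:response><D:href>/archive/doc2.pdf</D:href><D:propstat><D:prop><A:evidence/></D:prop>'
    '<D:status>HTTP/1.1 404 Not Found</D:status></D:propstat></D:response>'
    '</D:multistatus>').encode("utf-8")
```

Base64 grows the stored evidence by roughly one third, which is the efficiency cost the message refers to.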