Before to describe Trust for Object (T4O) we define three important concepts:
- Trust: Fully sureness in the integrity, ability, or nature of a person or thing.
- Electronic object: A set of bits representing or willing to convey something.
- TrustObject is an electronic object created with Trust for Object (T4O) technology.
T4A technology allows us to maintain trust in a TrustObject created with T4O technology, ensuring its integrity, traceability and reversibility along time.
To provide integrity to an object for ever, up to now we’ve got no more two chances:
Applying warranties directly to the electronic object requesting a periodic timestamp (eg XAdES-A). The problem may arise when we have a large number of objects that need to timestamp or if you discover troubles in the algorithm used in timestamp and having to make an unplanned timestamp with a new algorithm.
Leting a system based on an electronic archiving solution taking the control over the perpetuity and integrity of an object. This way, the problem is usually that these solutions isn’t public, with the consequent problem of reversibility or obsolescence of the system.
For resolve this problems, we have created Trust for Archive (T4A), a free technology, Based in OAIS (ISO 14721: 2012) and NF-Z42-020, providing the highest possible trust for archived electronic object, giving integrity and traceability over time.
Free technology based on public standards guarantee the reversibility, perpetuity and intelligibility.
- Does not have BBDD dependence, all the information are stored in XML documents.
- The trust is directly proportional to trust in electronic signatures, TSA and the perimetral security used.
- Access is based on electronic signature owner.
- The engine implementation language is Java, and use JABX, Log4J and BouncyCastle.
- The actions in the performed services are encapsulated in a TrustObject, which also is archived.
- Traceability of every action also is archived by a TrustObject.
The services offered are:
- Archive, allows deposit a TrustObject and get an ID for its recovery.
- Delete, indicating the ID is possible to delete a TrustObject.
- Export, using the ID is possible to retrieve a TrustObject.
- Verify, to verify the validity and / or recovery an attestation of the TrustObject through its identifier.
- User, to retrieve all identifiers associated with an user, as well as the ObjectInfos of these identifiers.