fixity - Verifying a file is unaltered or corrupted
SUNWsamfs
File fixity is a term used by digital preservationists and archivists when referring to the contents of a digital file being fixed or unchanged. Fixity checking verifies that a digital file has not been altered or corrupted and does not ensure the preservation of a digital file. Using the capabilities of Oracle HSM, files can be identified with a fixity attribute that validates a file's contents when a file is archived or stages and can be use to detect corrupted files allowing the corrective actions to be taken.
A file has a fixity attribute that is set using the
ssum
command or using the
sam_ssum (3x)
API. Using either of these methods cause the file's message
digest to be calculated with the specified algorithm. After
the calculation the message-digest is stored with the file
and the file is made immutable. The file also has its
generate, use and validated attributes set.
Once the fixity attribute is set it will never be removed
by Oracle HSM.
The fixity status and its message-digest can be
examined using the
sls (1)
command.
If the file has a known message-digest value it can be specified with either of the the command or the API. The supplied value is compared against the calculated and, if they do not match, the command or API function fails and fixity attribute is not set.
Every archive copy of a file with the fixity attribute has its message-digest calculated as is written to archive media. This value is compared to the value associated with the file. If the values do not match the archive copy is unusable.
Here is an example using the ssum command to set fixity:
with a SHA-256 message-digest algorithm:
ssum -F -a SHA-256 ∕qfs1∕archive∕document.png
If a file has a known SHA-256 message-digest value, the following example shows how it can be used to validate the fixity:
ssum -F -a SHA-256 -h 5ff20a4d0ed4a85b61147c76a8f54730 ∕qfs1∕archive∕paper.doc
Oracle HSM has additional capabilities that extend the preservation of files.
Files with the fixity attribute can be placed into an
Oracle HSM WORM file system. This extends the data preservation
by ensuring that files cannot be altered or removed even if
the immutability attribute is removed.
See
sam_worm (5)
for more information.
The
ssum
and
sam_ssum()
API function provide a data verification option. In addition to
forcing the generation and use of message-digests for archiving
and staging, this option prevents the release of a file until all
archive copies have been created and their message-digest values
verified. See
ssum (1)
command for more information.
When Oracle HSM archiver is configured to tape media for copies,
Data Integrity and Validation (DIV) can by used on capable
tape drives. While the message-digest is calculated for the file
every block written to the tape media has a separate checksum
generated and sent to the tape drive to validate the block. See
defaults.conf (4)
for additional information.
The fixity support in Oracle HSM is not without exposures:
If the file is not in a WORM file system a user with super-user priviledges can remove the immutability attribute making the file modifiable.
If for any reason a file with the fixity attribute is
altered or corrupted by removing its immutability, it will
not be detected until Oracle HSM attempts to archive the file.
It may be advantageous to use the
sfind
command with the ssum_F option to locate files with the
fixity attribute and audit their contents at regular intervals.
Using this command with the ssum_v
option will find fixity files without a validated
message-digest.
A user with super-user priviledges could alter the extended attribute containing the message-digest value causing the file to appear to be corrupted.
ssum (1),
sls (1),
sfind (1),
sam_ssum (3x),
defaults.conf (4)
sam_worm (5)
Oracle HSM Documentation Library
