The ACE prototype includes two major components: ACE Integrity Management System (ACE-IMS) and ACE Audit Manager (ACE-AM). The ACE-IMS is a server that issues integrity tokens, preserves the CSI values, and computes and publishes the witness values. The ACE-AM is a bridging component between the archive and the ACE-IMS, which is local to each archiving node. In a distributed setting, the audit managers work asynchronously independent of each other, and hence copies of the same object will be audited independently of each other.
The ACE-IMS, operating separately from the archive, provides two important services: integrity token issuing and CSI verification. The former service generates an integrity token upon a request from the archive. Using the digital object and the integrity token, the archive can at anytime construct the cryptographic summary corresponding to the round in which the digital object was registered. The CSI values will be maintained separately and independently by the ACE-IMS.
In a typical archiving environment, the integrity tokens can be stored either with the object itself or in a separate registry dedicated to authenticity metadata. In our prototype, we use a separate database to hold the integrity tokens.
The ACE Audit Manager (ACE-AM) is local to an archiving node whose main function is to pass information between the archiving node and the ACE-IMS. In particular, the ACE-AM selects a digital object to be audited, either based on the local periodic auditing policy of the archiving node or upon request from an archive manager or a user. It then retrieves the digital object’s integrity token, computes the hash of the object, and sends this information to the ACE-IMS.