3.1 Generic structure of VEOs
The outermost layers of a VEO are the same for all types of VEOs. This commonality allows management systems to manage VEOs in the same way irrespective of the content of the VEO.

Figure 1. Top level of elements of a VEO.
A VERS Encapsulated Object (VEO) contains VEO Metadata, a Signed Object, one or more Signature Blocks, and a Lock Signature Block.
- VEO Metadata. The VEO Metadata consists of the VEO Format Description (M2) and Version (M3) elements.
VEO Metadata is intended to introduce the VEO to a user who is reading the raw text of the VEO with no knowledge of VEOs or any VERS documentation. The scenario envisaged is that a programmer has been given a VEO, but no supporting documentation, and instructed to extract the record from it. The VEO Metadata occurs right at the beginning of the VEO, states the version, format and encoding of the object, and identifies the documents where more information can be found.
The VEO Format Description (M2) is a text description of the format and encoding of the VEO, and the Version (M3) is the version of the PROS 99/007 Standard used. Note that no trust can be placed in the information in either of these two elements, as they are not protected by a digital signature.
- Signature Block. A Signature Block element contains the information necessary to verify that the Signed Object has not been tampered with. This information includes a digital signature, the necessary certificates to validate the digital signature, and the identity of the algorithms used to calculate the digital signature. The signed object may be signed multiple times and so multiple Signature Blocks may be present, one for each digital signature. See section 5.3 for more information about this element.
- Lock Signature Block. The Lock Signature Block is used to prevent a forger from 'undoing' modifications. Its use is described in the section on Modified VEOs (see section 3.5.3). This element was added in Version 2 and so will not be present in Version 1 VEOs. A Lock Signature Block must be present in all Version 2 VEOs. (The Lock Signature Block element is marked as optional in the Document Type Definition (DTD), but this is only to allow Version 1 VEOs to validate against the DTD.)
- Signed Object. The Signed Object element contains the actual contents of the VEO and will differ depending on the type of VEO. The contents of a Signed Object element are protected from modification by the digital signatures contained in the Signature Block (M134) element.
Three types of VEOs are currently defined: Record VEOs (see section 3.3), File VEOs (see section 3.2) and Modified VEOs (see section 3.5). Other types of VEOs may be defined in the future.
A Signed Object element (M4) contains Object Metadata (M5), which describes the object, and the Object Content (M9) element, which contains the VEO itself. The Object Metadata consists of:
- Object Type (M6), which indicates the type of the VEO
- Object Type Description (M7), which is a short textual description of the purpose of the VEO
- Object Creation Date (M8), which is the date the VEO was created.
The Signed Object element in a Version 2 VEO must contain a vers:VEOVersion attribute. This attribute duplicates the information in the Version (M3) element. The reason for this duplication is that the Version (M3) element is not protected by the digital signature and can therefore be changed at will. The vers:VEOVersion attribute, however, is covered by the digital signature and so cannot be modified without detection.
An example of the basic structure expressed in XML follows.
<?xml version="1.0" encoding="UTF-8" standalone="no" ?>
<!DOCTYPE vers:VERSEncapsulatedObject SYSTEM "vers.dtd">
<vers:VERSEncapsulatedObject
    xmlns:vers="http://www.prov.vic.gov.au/gservice/standard/pros99007.htm"
    xmlns:naa="http://www.naa.gov.au/recordkeeping/control/rkms/contents.html">
  <vers:VEOFormatDescription>
    <vers:Text>
      This record conforms to the structure defined in "Management of Electronic
      Records, PROS 99/007 (Version 2.0)" Public Record Office Victoria, 2003.
      The structure of this record is represented using Extensible Markup Language
      (XML) 1.0, W3C, 1998.
    </vers:Text>
  </vers:VEOFormatDescription>
  <vers:Version>2.0</vers:Version>
  <vers:SignatureBlock vers:id="Revision:1-Signature:1">
    [...]
  </vers:SignatureBlock>
  <vers:LockSignatureBlock vers:signsSignatureBlock="Revision:1-Signature:1">
    [...]
  </vers:LockSignatureBlock>
  <vers:SignedObject vers:VEOVersion="2.0">
    <vers:ObjectMetadata>
      <vers:ObjectType>Record</vers:ObjectType>
      <vers:ObjectTypeDescription>
        This object contains a record; that is a collection of information
        that must be preserved for a period
      </vers:ObjectTypeDescription>
      <vers:ObjectCreationDate>
        2003-03-20T11:27:40-10:00
      </vers:ObjectCreationDate>
    </vers:ObjectMetadata>
    <vers:ObjectContent>
      <vers:Record>
        [...]
      </vers:Record>
    </vers:ObjectContent>
  </vers:SignedObject>
</vers:VERSEncapsulatedObject>
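The version cross-check and the Lock Signature Block rule described above can be applied as a structural pre-check before any signature is verified. The following Python sketch is an added example, not part of PROS 99/007 or of any VERS tooling. The function names, the constructed sample VEO, and the rule that vers:signsSignatureBlock must match the vers:id of a Signature Block (inferred from the XML example above) are assumptions.

```python
import xml.etree.ElementTree as ET

# Namespace URI taken from the page's XML example.
VERS = "http://www.prov.vic.gov.au/gservice/standard/pros99007.htm"

def q(name):
    return "{%s}%s" % (VERS, name)

def check_veo_structure(xml_text):
    """Return a list of structural problems; an empty list means none found.
    No signature is verified here; validate the Signature Blocks separately."""
    root = ET.fromstring(xml_text)
    signed = root.find(q("SignedObject"))
    if signed is None:
        return ["no SignedObject element"]
    problems = []
    unsigned_ver = (root.findtext(q("Version")) or "").strip()  # M3, unsigned
    signed_ver = signed.get(q("VEOVersion"))  # inside the signed content
    if signed_ver is not None and signed_ver != unsigned_ver:
        problems.append("Version (M3) %r disagrees with signed vers:VEOVersion %r"
                        % (unsigned_ver, signed_ver))
    # Version 1 VEOs have no vers:VEOVersion attribute, so fall back to M3.
    effective = signed_ver if signed_ver is not None else unsigned_ver
    sig_ids = {sb.get(q("id")) for sb in root.findall(q("SignatureBlock"))}
    if not sig_ids:
        problems.append("no SignatureBlock present")
    locks = root.findall(q("LockSignatureBlock"))
    if effective.startswith("2") and not locks:
        problems.append("Version 2 VEO without a LockSignatureBlock")
    for lock in locks:
        # Assumption: the lock must name an existing SignatureBlock vers:id.
        target = lock.get(q("signsSignatureBlock"))
        if target not in sig_ids:
            problems.append("LockSignatureBlock references unknown id %r" % target)
    return problems

def sample_veo(version="2.0", signed_version="2.0", lock=True):
    """Constructed sample modelled on the page's example, contents elided."""
    attr = ' vers:VEOVersion="%s"' % signed_version if signed_version else ""
    lock_xml = ('<vers:LockSignatureBlock vers:signsSignatureBlock='
                '"Revision:1-Signature:1"/>') if lock else ""
    return ('<vers:VERSEncapsulatedObject xmlns:vers="%s">'
            '<vers:Version>%s</vers:Version>'
            '<vers:SignatureBlock vers:id="Revision:1-Signature:1"/>%s'
            '<vers:SignedObject%s/></vers:VERSEncapsulatedObject>'
            ) % (VERS, version, lock_xml, attr)

if __name__ == "__main__":
    print(check_veo_structure(sample_veo(version="1.0")))
```

A mismatch between the two version values means the unsigned Version (M3) element should be disregarded in favour of the signed attribute, and only once the Signature Blocks themselves validate.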