Support immutability policy on object

Registered by zhang jun wei on 2014-07-23

When being used as the data store repository of enterprise content management software, immutability of record management is a top requirement in order for some record regulatory compliance such as DoD 5015.02-STD.

This blueprint is to propose the immutability capability on Swift as the storage side support which is similar to any other "WORM" storage system.

Here are the top requirements for the immutability support:
- If an object in Swift is marked as immutable for a given period of time, within this period neither its data nor meta-data can be modified or deleted by anyone. In addition, a new version of the object cannot be created.
- If the retention period expires, the object can only be deleted, but cannot be modified. Neither its data nor its metadata can be modified.
- Once the retention period is set, it can only be extended whether current retention period expires or not, but cannot be decreased or disabled.
- Container or account cannot be completely deleted if it has one or more objects that are still in retention period.
REST API to configure the retention settings should be provided.

The initial design is to define a middleware with a set of metadata to support the immutability, more details will be covered in low level design document after this is accepted.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
zhang jun wei
Direction:
Needs approval
Assignee:
zhang jun wei
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

This is great :) I wanted to something like this. Does this current proposal require immutability of actual files in the backend devices, enforced by file system (to be regulatory compliant ?) ? Or is it the assumption that objects are accessed only through Swift APIs ? -ppai

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.