Abstract
Audit is recognised as an important aspect of good security and business practice however, current solutions are not supportive of electronic data and processes. This paper describes an audit service that both acts as a central place for logging from heterogeneous IT systems and a place to search and check the audit data. Notarisation structures are proposed that demonstrate the integrity of the audit records and allow users to check the validity and integrity of subsets of the overall audit chain. The audit system is based upon secure hardware allowing audit systems to be tightly integrated into the overall IT infrastructure whilst remaining in an alternative virtual trust domain.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Haber, S., Stornetta, W.S.: How to time-stamp a digital document. Journal of Cryptology 3, 99–111 (1991)
Bayer, D., Haber, S., Stornetta, W.S.: Improving the efficiency and reliability of digital time-stamping. In: Sequences 1991: Methods in Communication Security and Computer Science, pp. 329–334. Springer, Heidelberg (1992)
Merkle, R.: Protocols for public key cryptography. In: IEEE Symposium on Security and Privacy, pp. 122–134 (1980)
Merkle, R.: A certified digital signature. In: Advances in Cryptology (1989)
Ferreira, A., Shiu, S., Baldwin, A.: Towards accountability for electronic patient records. In: The 16th IEEE Symposium on Computer-Based Medical Systems (2003)
Baldwin, A., Shiu, S., Casassa-Mont, M.: Trust services: A framework for service based solutions. In: 26th IEEE COMPSAC (2002)
Adams, C., Cain, P., Pinkas, D., Zuccherato, R.: Rfc 3161 internet x.509 public key infrastructure time stamp protocol, tsp (2001)
Baldwin, A., Shiu, S.: Encryption and key management in a san. In: IEEE Securit. In Storage Workshop, SISW 2002 (2002)
Baldwin, A., Shiu, S.: Hardware security appliances for trust. In: First International Conference on Trust Management. Springer, Heidelberg (2003)
FIPS: Security requirements for cryptographic modules. FIPS 140-2 (2001)
Smith, S., Palmer, E., Weingart, S.: Using a high performance programmable secure coprocessor. In: The second international conference on financial cryptography. Springer, Heidelberg (1998)
Itoi, N.: Secure coprocessor integration with kerberos V5. In: Usenix Security Symposium, pp. 113–128 (2000)
Smith, S., Safford, D.: Practical private information retrieval with secure coprocessors. Technical report, IBM Research T.J. Watson Research Centre (2000)
Buldas, A., Laud, P., Lipmaa, H., Villemson, J.: Time-stamping with Binary Linking Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 486–501. Springer, Heidelberg (1998)
Schneier, B.: Applied Cryptography Second Edition: protocols, algorithms and source code in C. Wiley & Sons, Inc, Chichester (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Baldwin, A., Shiu, S. (2003). Enabling Shared Audit Data. In: Boyd, C., Mao, W. (eds) Information Security. ISC 2003. Lecture Notes in Computer Science, vol 2851. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10958513_2
Download citation
DOI: https://doi.org/10.1007/10958513_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20176-2
Online ISBN: 978-3-540-39981-0
eBook Packages: Springer Book Archive