Abstract
The auditability of information systems plays an essential role in public administration. Information system accesses are saved in log files so auditors can later inspect them. However, there are often distinct stakeholders with different roles and different levels of trust, namely the IT Department that manages the system and the government ministries that access the logs for auditing. This scenario happens at the Portuguese judicial system, where stakeholders utilize an information system managed by third-parties. This paper proposes using blockchain technology to make the storage of access logs more resilient while supporting such a multi-stakeholder scenario, in which different entities have different access rights to data. This proposal is implemented in the Portuguese Judicial System through JusticeChain. JusticeChain comprises the blockchain components and blockchain client components. The blockchain components grant log integrity and redundancy, while the blockchain client component is responsible for saving logs on behalf of an information system. The client allows end-users to access the blockchain, allowing audits mediated by the blockchain.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Androulaki, E., et al.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the 13th ACM EuroSys Conference (2018)
Bellare, M., Yee, B.S.: Forward Integrity For Secure Audit Logs. Technical report (1997)
Chen, Z., Yang, Y., Zhang, R., Li, Z.: An efficient scheme for log integrity check in security monitoring system. In: IET Conference Publications, vol. 2013, pp. 246–250 (2013). https://doi.org/10.1049/cp.2013.2026
Group, T.: ArchiMate® 3.0 Specification. Van Haren Publishing (2016)
Ma, D., Tsudik, G.: A new approach to secure logging. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 48–63. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70567-3_4
Pourmajidi, W., Miranskyy, A.V.: Logchain: blockchain-assisted log storage. In: 2018 IEEE 11th International Conference on Cloud Computing (CLOUD), pp. 978–982 (2018)
Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. 32(9), 40–48 (1994)
Snodgrass, R.T., Yao, S.S., Collberg, C.: Tamper detection in audit logs. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, VLDB 2004, vol. 30, pp. 504–515. VLDB Endowment (2004)
Zheng, Z., Xie, S., Dai, H.N., Chen, X., Wang, H.: An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends (2017). https://doi.org/10.1109/BigDataCongress.2017.85
Acknowledgements
This work was supported by national funds through Fundação para a Ciência e a Tecnologia (FCT) with reference UID/CEC/50021/2019 (INESC-ID) and by the European Commission program H2020 under the grant agreement 822404 (project QualiChain).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Belchior, R., Correia, M., Vasconcelos, A. (2019). JusticeChain: Using Blockchain to Protect Justice Logs. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C., Meersman, R. (eds) On the Move to Meaningful Internet Systems: OTM 2019 Conferences. OTM 2019. Lecture Notes in Computer Science(), vol 11877. Springer, Cham. https://doi.org/10.1007/978-3-030-33246-4_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-33246-4_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33245-7
Online ISBN: 978-3-030-33246-4
eBook Packages: Computer ScienceComputer Science (R0)