An observation on associative one-way functions in complexity theory
Information Processing Letters
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
Rewriting Histories: Recovering from Malicious Transactions
Distributed and Parallel Databases - Security of data and transaction processing
PDIS '94 Proceedings of the third international conference on on Parallel and distributed information systems
Flexible authentication of XML documents
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Database Management Systems
Mysql
Communications of the ACM
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
The Design of the POSTGRES Storage System
VLDB '87 Proceedings of the 13th International Conference on Very Large Data Bases
Transaction Timestamping in (Temporal) Databases
Proceedings of the 27th International Conference on Very Large Data Bases
VLDB '91 Proceedings of the 17th International Conference on Very Large Data Bases
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Using Codewords to Protect Database Data from a Class of Software Errors
ICDE '99 Proceedings of the 15th International Conference on Data Engineering
Authentic data publication over the internet
Journal of Computer Security - IFIP 2000
Ivy: a read/write peer-to-peer file system
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Fast and secure distributed read-only file system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Forensic analysis of database tampering
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Enabling the 21st century health care information technology revolution
Communications of the ACM - Spam and the ongoing battle for the inbox
L-diversity: Privacy beyond k-anonymity
ACM Transactions on Knowledge Discovery from Data (TKDD)
Threats to privacy in the forensic analysis of database systems
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Ensuring correctness over untrusted private database
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
An authentication and validation mechanism for analyzing syslogs forensically
ACM SIGOPS Operating Systems Review
Forensic analysis of database tampering
ACM Transactions on Database Systems (TODS)
The case of the fake Picasso: preventing history forgery with secure provenance
FAST '09 Proccedings of the 7th conference on File and storage technologies
Do You Know Where Your Data's Been? --- Tamper-Evident Database Provenance
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Preventing history forgery with secure provenance
ACM Transactions on Storage (TOS)
Trustworthy vacuuming and litigation holds in long-term high-integrity records retention
Proceedings of the 13th International Conference on Extending Database Technology
WORM-SEAL: trustworthy data retention and verification for regulatory compliance
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Efficient data structures for tamper-evident logging
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Policy-based management and sharing of sensitive information among government agencies
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Building disclosure risk aware query optimizers for relational databases
Proceedings of the VLDB Endowment
Efficient audit-based compliance for relational data retention
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Detecting privacy violations in sensitive XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Using personal portfolios to manage customer data
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Forensic discovery auditing of digital evidence containers
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Auditing a database under retention policies
The VLDB Journal — The International Journal on Very Large Data Bases
Generalizing database forensics
ACM Transactions on Database Systems (TODS)
| Hi-index | 0.00 |
Audit logs are considered good practice for business systems, and are required by federal regulations for secure systems, drug approval data, medical information disclosure, financial records, and electronic voting. Given the central role of audit logs, it is critical that they are correct and inalterable. It is not sufficient to say, "our data is correct, because we store all interactions in a separate audit log." The integrity of the audit log itself must also be guaranteed. This paper proposes mechanisms within a database management system (DBMS), based on cryptographically strong one-way hash functions, that prevent an intruder, including an auditor or an employee or even an unknown bug within the DBMS itself, from silently corrupting the audit log. We propose that the DBMS store additional information in the database to enable a separate audit log validator to examine the database along with this extra information and state conclusively whether the audit log has been compromised. We show with an implementation on a high-performance storage engine that the overhead for auditing is low and that the validator can efficiently and correctly determine if the audit log has been compromised.