VoteBox: a tamper-evident, verifiable electronic voting system
SS'08 Proceedings of the 17th conference on Security symposium
VoteBox nano: a smaller, stronger FPGA-based voting machine
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
A formal framework for specifying and analyzing logs as electronic evidence
SBMF'10 Proceedings of the 13th Brazilian conference on Formal methods: foundations and applications
A system for the proactive, continuous, and efficient collection of digital forensic evidence
Digital Investigation: The International Journal of Digital Forensics & Incident Response
| Hi-index | 0.00 |
Secure logs are powerful tools for building systems that must resist forgery, prove temporal relationships, and stand up to forensic scrutiny. The proofs of order and integrity encoded in these tamper-evident chronological records, typically built using hash chaining, may be used by applications to enforce operating constraints or sound alarms at suspicious activity. However, existing research stops short of discussing how one might go about automatically determining whether a given secure log satisfies a given set of constraints on its records. In this paper, we discuss our work on Querifier, a tool that accomplishes this. It can be used offline as an analyzer for static logs, or online during the runtime of a logging application. Querifier rules are written in a flexible pattern-matching language that adapts to arbitrary log structures; given a set of rules and available log data, Querifier presents evidence of correctness and offers counter examples if desired. We describe Querifier's implementation and offer early performance results.