Using assurance models to aid the risk and governance life cycle
BT Technology Journal
On identity assurance in the presence of federated identity management systems
Proceedings of the 2007 ACM workshop on Digital identity management
Towards tamper-evident storage on patterned media
FAST'08 Proceedings of the 6th USENIX Conference on File and Storage Technologies
Providing secure services for a virtual infrastructure
ACM SIGOPS Operating Systems Review
Assurance for federated identity management
Journal of Computer Security - Digital Identity Management (DIM 2007)
Trust record: high-level assurance and compliance
iTrust'05 Proceedings of the Third international conference on Trust Management
| Hi-index | 0.00 |
Audit is an important aspect of good security and business practice; however, current solutions are not supportive of electronic data and processes. This paper describes an audit service that both acts as a central place for logging from heterogeneous IT systems and a place to search and check the audit data. Notarisation structures enabling a user to check the integrity of audit records and subsets of the audit chain relating to their transactions have been developed. The audit system uses a secure hardware device to create an alternative trust domain in which to run processes, maintaining the integrity of the audit trail whilst allowing it to be tightly integration and co-located with the overall IT infrastructure.