Tamperproof Audit Logs

防篡改审计日志

• 批准号: 0415101
• 负责人: Richard Snodgrass
• 金额: $ 33万
• 依托单位: University of Arizona
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2005
• 资助国家: 美国
• 起止时间: 2005-09-01 至 2009-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0415101&HistoricalAwards=false
• 关键词: Tamperproof; Audit; Logs; Tamperproof; Audit; Logs

An audit log enumerates the changes, and often the accesses, that have been applied to a database. Audit logs are considered good practice for business systems, and are required by federal regulations for secure systems, drug approval data, medical information disclosure, financial records, and electronic voting. Given the central role of audit logs, it is critical that they are correct and unalterable.Mechanisms are developed, for implementation within a database management system (DBMS), based on cryptographically strong one-way hash functions, that prevent an intruder, including an auditor or an employee or even an unknown bug within the DBMS itself, from silently corrupting the audit log. The DBMS thus stores additional information in the database to enable a separate audit log validator to examine the database along with this extra information and state conclusively whether the audit log has been compromised, thus supporting tamper detection. Using a secure audit log replication protocol and the validator, tamperproof audit logs result. Good performance is essential: tamperproof audit logs will only realistically be used if their overhead is small.This research will enable an important and highly desirable capability to be added to existing database management systems: tamperproof audit logs. By instituting tamperproof audit logs, US federal regulations in many domains can be more effectively applied, lending confidence to the business leaders, government officials, and citizens who depend on these critical medical, financial, and voting systems. The PI will work closely with vendors to ensure that the approaches are consistent with existing technologies.This work is being developed on the open-source BerkeleyDB and MySQL systems, as an extension of these two systems and updates will be available via the project's Web site (http://www.cs.arizona.edu/tau/Audit/).

审核日志列举已应用于数据库的更改，通常是访问。审计日志被认为是业务系统的好实践，联邦法规要求安全系统，药物批准数据，医疗信息披露，财务记录和电子投票。鉴于审计日志的核心作用，至关重要的是，它们是正确且无法改变的。机械性是基于密码强的单向哈希功能，以在数据库管理系统（DBMS）内实施，以防止入侵者，包括审计师或雇员，甚至在DBMS内部的DBMS本身中的一个不知名的错误，从DBMS本身中默默腐败。因此，DBM将其他信息存储在数据库中，以启用一个单独的审核日志验证器，以检查数据库以及此额外信息，并最终确定审计日志是否已被损害，从而支持篡改检测。使用安全的审核日志复制协议和验证器，篡改审核日志结果。良好的性能是必不可少的：只有在其开销很小的情况下，才能实际使用防篡改审核日志。这项研究将使能够添加到现有的数据库管理系统中：Tamperproof Audit Logs。通过制定篡改审计日志，可以更有效地应用许多领域的美国联邦法规，向依赖这些关键医疗，财务和投票系统的商业领袖，政府官员和公民提供信心。 PI将与供应商紧密合作，以确保这些方法与现有技术一致。这项工作正在开源伯克利德B和MySQL Systems上开发，作为这两个系统和更新的扩展，可以通过该项目的网站获得（http://wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww.cs.arizona.edu/tau/tau/tau/tau/tau/audit/）。