Tamper Detection in Audit Logs

Research output: Chapter in Book/Report/Conference proceedingChapter

90 Scopus citations

Abstract

This chapter illustrates the tamper detection in audit logs. These logs are considered good practice for business systems, and are required by federal regulations for secure systems, drug approval data, medical information disclosure, financial records, and electronic voting. Given the central role of audit logs, it is critical that they are correct and inalterable. The chapter proposes mechanisms within a Database Management System (DBMS) based on cryptographically strong one-way hash functions that prevent an intruder, including an auditor or an employee or even an unknown bug within the DBMS itself, from silently corrupting the audit log. It also proposes that the DBMS store additional information in the database to enable a separate audit log validator to examine the database along with this extra information and state conclusively whether the audit log has been compromised.

Original languageEnglish (US)
Title of host publicationProceedings 2004 VLDB Conference
Subtitle of host publicationThe 30th International Conference on Very Large Databases (VLDB)
PublisherElsevier
Pages504-515
Number of pages12
ISBN (Electronic)9780120884698
DOIs
StatePublished - Jan 1 2004

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Tamper Detection in Audit Logs'. Together they form a unique fingerprint.

Cite this