This chapter illustrates the tamper detection in audit logs. These logs are considered good practice for business systems, and are required by federal regulations for secure systems, drug approval data, medical information disclosure, financial records, and electronic voting. Given the central role of audit logs, it is critical that they are correct and inalterable. The chapter proposes mechanisms within a Database Management System (DBMS) based on cryptographically strong one-way hash functions that prevent an intruder, including an auditor or an employee or even an unknown bug within the DBMS itself, from silently corrupting the audit log. It also proposes that the DBMS store additional information in the database to enable a separate audit log validator to examine the database along with this extra information and state conclusively whether the audit log has been compromised.
|Original language||English (US)|
|Title of host publication||Proceedings 2004 VLDB Conference|
|Subtitle of host publication||The 30th International Conference on Very Large Databases (VLDB)|
|Number of pages||12|
|State||Published - Jan 1 2004|
ASJC Scopus subject areas
- Computer Science(all)