Auditing method and service
First Claim
Patent Images
1. A method for verifying at least one event record, said method comprising:
- receiving a said event record from a user;
retrieving an audit record corresponding to said at least one event record;
retrieving a full set of event records corresponding to said audit record, and for a same attribute value as specified for said event record;
for each said event record of said set, generating a digest of said event record and searching for said digest value in an audit record relating to a next event record in said set of event records; and
confirming whether said event record is true or false, by comparing said digest of said event record with a digest value found in said audit record.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of producing an audit record of at least one event, comprises: creating a message comprising: data relating to said event; a digest data; a time data; and signing said event data, digest data, and time data.
41 Citations
39 Claims
-
1. A method for verifying at least one event record, said method comprising:
-
receiving a said event record from a user;
retrieving an audit record corresponding to said at least one event record;
retrieving a full set of event records corresponding to said audit record, and for a same attribute value as specified for said event record;
for each said event record of said set, generating a digest of said event record and searching for said digest value in an audit record relating to a next event record in said set of event records; and
confirming whether said event record is true or false, by comparing said digest of said event record with a digest value found in said audit record. - View Dependent Claims (2, 3)
-
-
4. A service for verifying at least one event record, said service comprising the operations of:
-
(i) receiving a request for events according to a specified attribute value;
(ii) retrieving a full set of records according to said specified attribute value contained in said request;
(iii) generating a digest value for a record of said set; and
(iv) checking that said generated digest value matches a digest value contained in another record of said set. - View Dependent Claims (5, 6, 7)
-
-
8. A method of producing an audit record of at least one event, said method comprising:
-
creating a record comprising;
data relating to said event;
a digest data;
a time data; and
signing said event data, digest data, and time data. - View Dependent Claims (9)
-
-
10. An audit record comprising:
-
an event data describing an event;
a digest data;
a time stamp data; and
a digital signature. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A method of generating a verifiable set of audit records, said method comprising:
-
generating a first audit record comprising at least one attribute having a value and a unique identifier data;
generating a second audit record comprising, a second event data;
said attribute having said attribute value; and
a digest of said first audit record. - View Dependent Claims (17, 18)
-
-
19. A method of verifying that a set of audit records consists of a complete set, said method comprising:
-
for a first said audit record;
extracting a digest value from said audit record;
selecting an immediately preceding audit record from said set;
generating a digest value of said immediately preceding audit record;
comparing said generated digest value with said digest value of said first audit record. - View Dependent Claims (20, 21)
-
-
22. An audit system comprising:
-
an event database capable of storing a plurality of event records, each said event record evidencing an event;
an audit management system, said audit management system operable for generating an audit record, said audit record comprising;
data relating to said event;
a digest of said event data;
a timestamp data;
and a digital signature.
-
-
23. A computer program comprising program instructions for:
-
creating a record comprising, data relating to an event;
a digest data;
a timestamp data; and
a signature applied to said event data, digest date and timestamp data. - View Dependent Claims (24)
-
-
25. A computer program comprising program instructions for generating a verifiable set of audit records by;
-
generating a first audit record comprising at least one attribute having a value and a unique identifier data;
generating a second audit record comprising;
a second event data;
said attribute having said attribute value; and
a digest of said first audit record. - View Dependent Claims (26)
-
-
27. A computer program comprising program instructions for verifying that a set of audit records consists of a compete set, by:
-
extracting a digest value from an audit record;
selecting an immediately preceding audit record from said set of audit records;
generating a digest value of said immediately preceding audit records; and
comparing said generated digest value with said digest value of said first audit record. - View Dependent Claims (28)
-
-
29. A computer program comprising program instructions for providing a verifiable record of an event by:
-
receiving an event message, said event message comprising data describing an event;
creating an audit record from said event data, said audit record comprising;
said event data;
a chaining data identifying a position of said audit record in a chain of said audit records;
a timestamp data indicating a time of receipt of said event data; and
a digital signature. - View Dependent Claims (30)
-
-
31. A computer program comprising instructions for verifying at least one event record by:
-
receiving a said event record from a user;
retrieving an audit record corresponding to said event record;
retrieving a full set of event records corresponding to said audit record, and for a same attribute value as specified for said event records;
for each said event record of said set, generating a digest of said event record and searching for said digest value in an audit record relating to a next event record in said set of event records; and
confirming whether said event record is true or false, by comparing said digest of said event record with a digest value found in said audit record. - View Dependent Claims (32)
-
-
33. An audit service for providing a verifiable record of an event, said audit service comprising the operations of:
-
receiving an event message said event message comprising data describing an event;
creating an audit record from said event data, said audit record comprising;
said event data;
a chaining data identifying a position of said audit record in a chain of said audit records;
a timestamp data indicating a time of receipt of said event data by said audit service; and
a digital signature. - View Dependent Claims (34)
-
-
35. An audit service for providing a verifiable record of a plurality of events, and an integrity between those events, said audit service comprising the operations of:
-
receiving a plurality of event messages, each said event message comprising data describing a corresponding respective event;
creating a respective audit record from each of said event messages, said audit record comprising;
an event data contained within said event message;
a chaining data identifying a position of said audit record in a chain of said audit records;
a timestamp data indicating a time of receipt of said event message by said audit service; and
a digital signature.
-
-
36. A method of creating a non-repudiable chain of audit records relating to a particular attribute, said method comprising:
for a particular attribute value, time stamping an original item of event information and a digest of an event information of a previous event for that attribute value.
-
37. A method for providing a non-repudiable audit record for a set of events, said method comprising:
-
for each event of a chain of said events, generating a hash function of the event;
dividing a plurality of said hash functions into a plurality of blocks, such that each said block comprises a plurality of said audit messages;
chaining together a plurality of said blocks to form a chain of blocks. - View Dependent Claims (38, 39)
-
Specification