AUDIT-LOG INTEGRITY USING REDACTABLE SIGNATURES
Abstract
A method of establishing the integrity of an audit record set is described. The method comprises receiving a set of audit records and generating a first set of random values wherein each audit record in the set corresponds to at least one value of the first set. The method further comprises generating a second set of values based on an audit record and a corresponding value of the first set for each audit record in the set and generating a summary value based on the second set of values. The method further comprises certifying the summary value to generate an integrity certificate enabling verification of the integrity of the audit record set and storing the audit record set and at least one of the first set of values and the generated digital signature.
21 Claims
1. A method of establishing the integrity of an audit record set, comprising:
receiving a set of audit records;
generating a first set of random values wherein each audit record in the audit record set corresponds to at least one of the first set of values;
generating a second set of values based on an audit record and a corresponding value of the first set of values for each audit record in the audit record set;
generating a summary value based on the second set of values;
certifying the summary value to generate an integrity certificate enabling verification of the integrity of the audit record set; and
storing the audit record set and at least one of the first set of values and the integrity certificate.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 19

12. A method of establishing audit record integrity for a redacted audit record set based on a verifiable audit record set, comprising:
redacting an audit record from a verifiable audit record set comprising an integrity certificate and a first set of values, wherein each audit record in the audit record set corresponds to at least one of the first set of values;
determining a first set of values corresponding to the remaining audit records after redaction of an audit record;
determining a second set of values remaining corresponding to the redacted audit record; and
storing the remaining first set of values and second set of values with the redacted audit record set and an integrity certificate of the verifiable audit record set.
Dependent claims: 13, 14, 15, 16

17. A method of verifying the integrity of a set of redacted audit records using a first set of values corresponding to a binary tree generated based on a seed value, a second set of values each generated based on a combination of at least one value from the first set of values and at least one audit record from the redacted audit record set, and an integrity certificate generated based on a verifiable audit record set from which the redacted audit record set originated, comprising:
generating a third set of values, based on the first set of values, wherein each audit record corresponds to at least one value of the third set of values;
generating a fourth set of values based on: (a) an audit record and a corresponding value from the third set of values and (b) the second set of values, for each audit record in the redacted audit record set;
generating a summary value based on the generated fourth set of values; and
generating a signal based on a result of applying a verification process to the generated summary value and the integrity certificate.
Dependent claims: 18, 20

21. A system for establishing the integrity of an audit record set, comprising:
a value generator arranged to generate a first value set comprising at least one of random and pseudo-random values corresponding to at least one audit record in the audit record set;
a commitment generator communicatively coupled with the value generator and arranged to generate a second value set wherein each value of the second value set is based on applying a commitment scheme to an audit record of the audit record set and a value of the first value set corresponding to the audit record; and
an authenticator value generator communicatively coupled with the commitment generator and arranged to generate a third value set based on the second value set and wherein the third value set comprises a summary value based on the second value set.
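
The flow described in claims 1, 12 and 17, as an added Python example that is not taken from the patent: per-record random values, hash commitments, a summary value, a certificate, redaction, and verification of the redacted set. Assumptions: SHA-256 commitments, a summary computed as the hash of the concatenated commitments, independent random values rather than a seed-derived tree, and HMAC standing in for the certifying step; all function names are hypothetical.

```python
import hashlib, hmac, secrets

def commit(r: bytes, record: bytes) -> bytes:
    # Hash commitment. r is fixed-length (32 bytes), so r || record is unambiguous,
    # and its randomness keeps a redacted record from being guessed from its commitment.
    return hashlib.sha256(r + record).digest()

def summarize(commitments) -> bytes:
    # Summary value over the ordered commitments (assumed form: hash of concatenation).
    return hashlib.sha256(b"".join(commitments)).digest()

def certify(key: bytes, summary: bytes) -> bytes:
    # Stand-in for the integrity certificate; a deployment would use a digital signature.
    return hmac.new(key, summary, hashlib.sha256).digest()

def establish(key: bytes, records):
    # Store each record with its random value; the certificate covers commitments only.
    entries = [("open", secrets.token_bytes(32), rec) for rec in records]
    cert = certify(key, summarize(commit(r, rec) for _, r, rec in entries))
    return entries, cert

def redact(entries, index: int):
    # Drop the record and its random value, keep only the commitment.
    # The original certificate stays valid and is stored unchanged.
    out = list(entries)
    kind, r, rec = out[index]
    if kind == "open":
        out[index] = ("redacted", commit(r, rec), None)
    return out

def verify(key: bytes, entries, cert: bytes) -> bool:
    # Recompute commitments for remaining records, reuse stored ones for redacted slots.
    cs = [commit(a, b) if kind == "open" else a for kind, a, b in entries]
    return hmac.compare_digest(certify(key, summarize(cs)), cert)

def demo():
    key = secrets.token_bytes(32)
    # Constructed sample audit records.
    records = [b"10:01 alice login ok", b"10:02 bob read /hr/salary.csv",
               b"10:05 alice logout"]
    entries, cert = establish(key, records)
    redacted = redact(entries, 1)
    tampered = list(redacted)
    tampered[0] = ("open", redacted[0][1], b"10:01 mallory login ok")
    return verify(key, entries, cert), verify(key, redacted, cert), verify(key, tampered, cert)

if __name__ == "__main__":
    print(demo())
```

The redacted set verifies against the original certificate, while altering any remaining record changes its recomputed commitment and verification fails.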
Specification