Method and apparatus for the verification of server access logs and statistics
First Claim
1. An apparatus for the verification of server access logs, comprising:
- an audit server, controlled by a certification agency, comprising means for receiving client requests, redirecting them to an application server needing access log verification, and storing corresponding log information;
the application server, controlled by an organization requiring log certification, comprising means for receiving and servicing client requests, for storing corresponding log information, and for redirecting a subset of said client requests to said audit server;
a message authentication device, that cannot be modified or inspected without detection by said certification agency, comprising means for receiving a log entry from said application server and generating a corresponding random code C, wherein said code C is generated cryptographically by said authentication device using secret keys that are stored internally to said authentication device, and are available only to said certification agency.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for verifying the correctness of server access logs. The server is required to transfer the relevant log information for each client request to, an authentication device. In a preferred embodiment, the device has to be tamper-evident and responds with a Message Authentication Code (MAC) and a binary digit B. The MAC is stored on an accessible medium by the server. If B=0, the request is processed normally. If B=1 (this happens with a small probability), the server is required to issue a “redirect” response to the client, instructing it to connect to a different server, controlled by a certification agency. The agency'"'"'s server logs this request and redirects it back to the original server, where it is eventually serviced. The certification agency periodically verifies each MAC and checks whether requests where B=1 correspond to an associated client log entry on its server. If this does not happen in a high number of cases, certification of the log file could be denied, based on the agency'"'"'s policy. A preferred embodiment of this invention is with the HTTP protocol, for the auditing of Web site popularity.
-
Citations
24 Claims
-
1. An apparatus for the verification of server access logs, comprising:
-
an audit server, controlled by a certification agency, comprising means for receiving client requests, redirecting them to an application server needing access log verification, and storing corresponding log information;
the application server, controlled by an organization requiring log certification, comprising means for receiving and servicing client requests, for storing corresponding log information, and for redirecting a subset of said client requests to said audit server;
a message authentication device, that cannot be modified or inspected without detection by said certification agency, comprising means for receiving a log entry from said application server and generating a corresponding random code C, wherein said code C is generated cryptographically by said authentication device using secret keys that are stored internally to said authentication device, and are available only to said certification agency. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for the auditable logging of client requests to an application server, comprising the following steps:
-
passing a log entry, computed based on said client request, to a message authentication device;
obtaining from said authentication device a random code C, wherein said code C is generated cryptographically by said authentication device using secret keys that are stored internally to said authentication device;
storing said log entry, together with said random code C;
servicing the client request as required by the application protocol if said code C belongs to a first set of possible values;
redirecting the request to an audit server if said code C belongs to a second and disjoint set of possible values. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A method for auditing, verifying, and certifying the access log files of an application server, comprising the following steps:
-
installing and running an audit server, that logs client requests;
verifying that each entry of said application server log files has an associated sequence code and that such sequence codes occur in said log files in a preset order and without omissions;
verifying the integrity and the authenticity of said application server log files;
verifying that selected log entries included in said application server log files correspond to a log record on said audit server, wherein said log entries are selected based on the value of a random code C, wherein said code C is generated cryptographically by an authentication device using secret keys that are stored internally to said authentication device;
producing a certification of said log files, based on the outcome of the previous steps, and on a previously agreed certification policy. - View Dependent Claims (21, 22, 23, 24)
-
Specification