Method and apparatus for the verification of server access logs and statistics

US 6,574,627 B1
Filed: 02/24/1999
Issued: 06/03/2003
Est. Priority Date: 02/24/1999
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus for the verification of server access logs, comprising:

an audit server, controlled by a certification agency, comprising means for receiving client requests, redirecting them to an application server needing access log verification, and storing corresponding log information;

the application server, controlled by an organization requiring log certification, comprising means for receiving and servicing client requests, for storing corresponding log information, and for redirecting a subset of said client requests to said audit server;

a message authentication device, that cannot be modified or inspected without detection by said certification agency, comprising means for receiving a log entry from said application server and generating a corresponding random code C, wherein said code C is generated cryptographically by said authentication device using secret keys that are stored internally to said authentication device, and are available only to said certification agency.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for verifying the correctness of server access logs. The server is required to transfer the relevant log information for each client request to, an authentication device. In a preferred embodiment, the device has to be tamper-evident and responds with a Message Authentication Code (MAC) and a binary digit B. The MAC is stored on an accessible medium by the server. If B=0, the request is processed normally. If B=1 (this happens with a small probability), the server is required to issue a “redirect” response to the client, instructing it to connect to a different server, controlled by a certification agency. The agency'"'"'s server logs this request and redirects it back to the original server, where it is eventually serviced. The certification agency periodically verifies each MAC and checks whether requests where B=1 correspond to an associated client log entry on its server. If this does not happen in a high number of cases, certification of the log file could be denied, based on the agency'"'"'s policy. A preferred embodiment of this invention is with the HTTP protocol, for the auditing of Web site popularity.

Citations

24 Claims

1. An apparatus for the verification of server access logs, comprising:
- an audit server, controlled by a certification agency, comprising means for receiving client requests, redirecting them to an application server needing access log verification, and storing corresponding log information;
  
  the application server, controlled by an organization requiring log certification, comprising means for receiving and servicing client requests, for storing corresponding log information, and for redirecting a subset of said client requests to said audit server;
  
  a message authentication device, that cannot be modified or inspected without detection by said certification agency, comprising means for receiving a log entry from said application server and generating a corresponding random code C, wherein said code C is generated cryptographically by said authentication device using secret keys that are stored internally to said authentication device, and are available only to said certification agency.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The apparatus of claim 1, wherein said authentication device further comprises means for storing log information internally.
  - 3. The apparatus of claim 2, wherein said authentication device is located where it can be accessed by the organization to be certified or by third parties, and is constructed so as to be tamper-evident.
  - 4. The apparatus of claim 2, wherein said authentication device is located where it can only be accessed by said certification agency.
  - 5. The apparatus of claim 1, wherein said authentication device further comprises means for generating authentication information.
  - 6. The apparatus of claim 5, wherein said authentication information comprises Message Authentication Codes, computed using secret keys that are stored internally to said authentication device, and are available only to said certification agency.
  - 7. The apparatus of claim 5, wherein said authentication information comprises digital signatures, computed with private keys that are stored internally to said authentication device, and may be available only to said certification agency.
  - 8. The apparatus of claim 5, wherein said random code C is produced by a physical process internal to said authentication device, and is authenticated by said authentication device.
  - 9. The apparatus of claim 5, wherein said authentication device is located where it can be accessed by the organization to be certified or by third parties, and is constructed so as to be tamper-evident.
  - 10. The apparatus of claim 5, wherein said authentication device is located where it can only be accessed by said certification agency.
  - 11. The apparatus of claim 5, wherein said authentication device further comprises means for generating a sequence code, associated and authenticated with every said log entry.

12. A method for the auditable logging of client requests to an application server, comprising the following steps:
- passing a log entry, computed based on said client request, to a message authentication device;
  
  obtaining from said authentication device a random code C, wherein said code C is generated cryptographically by said authentication device using secret keys that are stored internally to said authentication device;
  
  storing said log entry, together with said random code C;
  
  servicing the client request as required by the application protocol if said code C belongs to a first set of possible values;
  
  redirecting the request to an audit server if said code C belongs to a second and disjoint set of possible values.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12, wherein said application server is an HTTP server.
  - 14. The method of claim 12, wherein said application server is a protocol server at the application level, and where redirection i s possible.
  - 15. The method of claim 12, further comprising the step of obtaining message authentication information from said authentication device, and storing it on accessible storage means.
  - 16. The method of claim 15, wherein said authentication information is computed with respect to log entries, comprising a sequence code and a corresponding said random code C.
  - 17. The method of claim 15, wherein said authentication information is computed with respect to log entries, comprising a sequence code, and where the corresponding said code C can be determined by an audit agency, by means of secret keys shared with said authentication device.
  - 18. The method of claim 15, wherein said authentication information comprises a Message Authentication Code.
  - 19. The method of claim 15, wherein said authentication information comprises a digital signature.

20. A method for auditing, verifying, and certifying the access log files of an application server, comprising the following steps:
- installing and running an audit server, that logs client requests;
  
  verifying that each entry of said application server log files has an associated sequence code and that such sequence codes occur in said log files in a preset order and without omissions;
  
  verifying the integrity and the authenticity of said application server log files;
  
  verifying that selected log entries included in said application server log files correspond to a log record on said audit server, wherein said log entries are selected based on the value of a random code C, wherein said code C is generated cryptographically by an authentication device using secret keys that are stored internally to said authentication device;
  
  producing a certification of said log files, based on the outcome of the previous steps, and on a previously agreed certification policy.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The method of claim 20, wherein each entry of said application server log files further comprises a random code C, and wherein said selected log entries correspond to a subset of the possible values of said code C.
  - 22. The method of claim 20, wherein said selected entries are chosen based on a cryptographic random code generation.
  - 23. The method of claim 20, wherein said audit server further comprises the function of redirecting client requests to the application server that originally received said client requests.
  - 24. The method of claim 20, further comprising the step of periodically verifying the integrity of tamper-evident authentication devices used by said application server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Francesco Bergadano, Pancrazio D.E. Mauro
Original Assignee
Francesco Bergadano, Pancrazio D.E. Mauro
Inventors
Bergadano, Francesco, De Mauro, Pancrazio
Primary Examiner(s)
HOMERE, JEAN RAYMOND

Application Number

US09/256,417
Time in Patent Office

1,560 Days
Field of Search

707/10, 707/9, 707/202, 707/201, 709/203, 709/219, 709/229, 713/156, 713/161, 713/168, 713/170, 713/176, 713/182
US Class Current

1/1
CPC Class Codes

H04L 43/00   Arrangements for monitoring...

H04L 63/126   the source of the received ...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 67/02   based on web technology, e....

H04L 67/535   Tracking the activity of th...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Y10S 707/99939   Privileged access

Y10S 707/99952   Coherency, e.g. same view t...

Y10S 707/99953   Recoverability

Method and apparatus for the verification of server access logs and statistics

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for the verification of server access logs and statistics

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links