Method and system for providing a tamper-proof storage of an audit trail in a database

US 6,968,456 B1
Filed: 08/08/2000
Issued: 11/22/2005
Est. Priority Date: 08/08/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method for providing a tamper-proof storage of an audit trail having one or more records for a database system, the integrity of the audit trail being vulnerable to actions taken by an access-privileged user, the method comprising:

creating an initial authentication token and initial validation token for the audit trail from a Pseudo Random Number, a Timestamp, and a preliminary authentication token;

saving the initial authentication token as a current authentication token in a predetermined format in a secured information storage;

generating one or more validation tokens and authentication tokens sequentially from the initial authentication token and the initial validation token through a combination of at least one hashing process and at least one encryption process;

integrating the generated validation tokens in the records of the audit trail by a writing machine which is decoupled from the database and inaccessible by the user; and

validating, by an authorized auditor, the records of the audit trail by using the generated validation tokens in order to detect a tampering of the audit trail,wherein a writing and reading access to the secured information storage is given to the writing machine and only a reading access is given to the auditor, and wherein the Pseudo Random Number, the Timestamp, and the preliminary authentication token are saved in the secured information storage.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system is provided for a tamper-proof storage of one or more records of an audit trail in a database. Since the integrity of the database records may be vulnerable to actions taken by a user such as a privileged database administrator, a mechanism is provided to efficiently detect any changes made by him to the database records. The method creates one or more authentication tokens, and generates one or more validation tokens from the authentication tokens through a combination of a hashing process and an encryption process. Once the validation tokens are created, they are further integrated into the records in the database. The authentication tokens are written to a secured information storage in a predetermined format by a writing machine inaccessible by the user but accessible by the auditor. When an authorized person such as an independent auditor who needs to check the integrity of the records, he can detect a tampering of the records by comparing a validation token computed from the stored validation token with the validation token integrated in the record.

70 Citations

View as Search Results

17 Claims

1. A method for providing a tamper-proof storage of an audit trail having one or more records for a database system, the integrity of the audit trail being vulnerable to actions taken by an access-privileged user, the method comprising:
- creating an initial authentication token and initial validation token for the audit trail from a Pseudo Random Number, a Timestamp, and a preliminary authentication token;
  
  saving the initial authentication token as a current authentication token in a predetermined format in a secured information storage;
  
  generating one or more validation tokens and authentication tokens sequentially from the initial authentication token and the initial validation token through a combination of at least one hashing process and at least one encryption process;
  
  integrating the generated validation tokens in the records of the audit trail by a writing machine which is decoupled from the database and inaccessible by the user; and
  
  validating, by an authorized auditor, the records of the audit trail by using the generated validation tokens in order to detect a tampering of the audit trail,wherein a writing and reading access to the secured information storage is given to the writing machine and only a reading access is given to the auditor, and wherein the Pseudo Random Number, the Timestamp, and the preliminary authentication token are saved in the secured information storage.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 further comprising installing an initial record of the audit trail by the auditor.
  - 3. The method of claim 2 wherein the initial record of the audit trail has null content.
  - 4. The method of claim 1 wherein the step of creating further includes:
    - creating the initial validation token from the Pseudo Random Number, the Timestamp, and the preliminary authentication token by the auditor;
      
      creating the initial authentication token through a hashing process after concatenating the preliminary authentication token with the initial validation token; and
      
      integrating the initial validation token to the initial record of the audit trail.
  - 5. The method of claim 1 wherein the step of generating further includes:
    - creating the validation token for a selected record by encrypting the selected record with the then current authentication token saved in the secured information storage; and
      
      updating the value of the current authentication token by generating the authentication token through a hashing process after concatenating the created validation token with the then current authentication token saved in the secured information storage,wherein the above steps are conducted repeatedly for various records in the audit trail, and wherein any prior value of the current authentication token saved in the secured information storage is irreversibly deleted when an updated value is obtained.
  - 6. The method of claim 1 wherein the step of generating further includes:
    - creating a validation token for a selected record by concatenating, hashing, and encrypting the selected record with the saved authentication token; and
      
      updating the value of the current authentication token by generating the authentication token further through encrypting the created validation token,wherein the above steps are conducted repeatedly for various records in the audit trail, and wherein any prior value of the current authentication token saved in the secured information storage is irreversibly deleted when an updated value is obtained.
  - 7. The method of claim 1 wherein the step of integrating further includes adding a predetermined field to the record.
  - 8. The method of claim 1 wherein the step of validating further includes:
    - obtaining the saved Pseudo Random Number, Timestamp, and preliminary authentication token from the secured information storage;
      
      computing sequentially the validation tokens for the records of the database based on the obtained Pseudo Random Number, Timestamp, and selected preliminary authentication token;
      
      comparing each computed validation token with the integrated validation token in the record,wherein a tampering of the record is detected if the computed validation token is different from the integrated validation token in the record.

9. A computer program for providing a tamper-proof storage of an audit trail having one or more records for a database, the integrity of the trail being vulnerable to actions taken by an access-privileged user, the program comprising:
- program means for creating an initial authentication token and initial validation token of the audit trail from a Pseudo Random Number, a Timestamp, and a preliminary authentication token;
  
  program means for saving the initial authentication token as a current authentication token in a predetermined format in a secured information storage;
  
  program means for generating one or more validation tokens and authentication tokens sequentially from the initial authentication token and the initial validation token through a combination of at least one hashing process and at least one encryption process;
  
  program means for integrating the generated validation tokens in the records of the audit trail by a writing machine which is decoupled from the database and inaccessible by the user; and
  
  program means for validating, by an authorized auditor, the records of the audit trail by using the generated validation tokens in order to detect a tampering of the audit trail,wherein a writing and reading access to the secured information storage is given to the writing machine and only a reading access is given to the auditor, and wherein the Pseudo Random Number, the Timestamp, and the preliminary authentication token are saved in the secured information storage.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The program of claim 9 further comprising program means for installing an initial record of the audit trail by the auditor.
  - 11. The program of claim 10 wherein the initial record of the audit trail has null content.
  - 12. The program of claim 9 wherein the program means for creating further includes:
    - program means for creating the initial validation token from the Pseudo Random Number, the Timestamp, and the preliminary authentication token by the auditor;
      
      program means for creating the initial authentication token through a hashing process after concatenating the preliminary authentication token with the initial validation token; and
      
      program means for integrating the initial validation token to the initial record of the audit trail.
  - 13. The program of claim 9 wherein the program means for generating further includes:
    - program means for creating the validation token for a selected record by encrypting the selected record with the then current authentication token saved in the secured information storage; and
      
      program means for updating the value of the current authentication token by generating the authentication token through a hashing process after concatenating the created validation token with the then current authentication token saved in the secured information storage,wherein the above steps are conducted repeatedly for various records in the audit trail, and wherein any prior value of the current authentication token saved in the secured information storage is irreversibly deleted when an updated value is obtained.
  - 14. The program of claim 9 wherein the program means for generating further includes:
    - program means for creating a validation token for a selected record by concatenating, hashing, and encrypting the selected record with the saved authentication token; and
      
      program means for updating the value of the current authentication token by generating the authentication token further through encrypting the created validation token, wherein the above steps are conducted repeatedly for various records in the audit trail, andwherein any prior value of the current authentication token saved in the secured information storage is irreversibly deleted when an updated value is obtained.
  - 15. The program of claim 9 wherein the program means for integrating further includes program means for adding a predetermined field to the record.
  - 16. The program of claim 9 wherein the program means for validating further includes:
    - program means for obtaining the saved Pseudo Random Number, Timestamp, and preliminary authentication token from the secured information storage;
      
      program means for computing sequentially the validation tokens for the records of the audit trail based on the obtained Pseudo Random Number, Timestamp, and selected preliminary authentication token; and
      
      program means for comparing each computed validation token with the integrated validation token in the record,wherein a tampering of the record is detected if the computed validation token is different from the integrated validation token in the record.

17. A computer system for providing a tamper-proof storage of an audit trail having one or more records for a database, the integrity of the trail being vulnerable to actions taken by an access-privileged user, the system comprising:
- means for creating an initial authentication token and initial validation token of the audit trail from a Pseudo Random Number, a Timestamp, and a preliminary authentication token;
  
  a secured information storage means for saving the initial authentication token as a current authentication token in a predetermined format;
  
  means for generating one or more validation tokens and authentication tokens sequentially from the initial authentication token and the initial validation token through a combination of at least one hashing process and at least one encryption process;
  
  means for integrating the generated validation tokens in the records of the audit trail; and
  
  means for validating, by an authorized auditor, the records of the audit trail by using the generated validation tokens in order to detect a tampering of the audit trail,wherein the secured information storage is inaccessible by the user but accessible by the auditor, a writing and reading access to the secured information storage is only given to a writing machine which is decoupled from the database and inaccessible by the user, and wherein the Pseudo Random Number, the Timestamp, and the preliminary authentication token are saved in the secured information storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Tripathi, Aridaman, Murthy, Madhusudhana H. S.
Primary Examiner(s)
Barrón, Jr., Gilberto
Assistant Examiner(s)
Gurshman, Grigory

Application Number

US09/634,445
Time in Patent Office

1,932 Days
Field of Search

713/177, 713/178, 713/185, 713/193, 713/174, 707/202, 707/9
US Class Current

713/185
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2151   Time stamp

H04L 9/3234   involving additional secure...

H04L 9/3297   involving time stamps, e.g....

Y10S 707/99938   Concurrency, e.g. lock mana...

Y10S 707/99939   Privileged access

Y10S 707/99953   Recoverability

Method and system for providing a tamper-proof storage of an audit trail in a database

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

70 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing a tamper-proof storage of an audit trail in a database

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links