Techniques for preserving and managing identities in an audit log
Abstract
Techniques are provided for preserving and managing identities within an audit log. Initial entries into a log do not include an explicit and direct reference to an agent that performs a transaction; rather, the agent acquires a temporary transaction identity for the transaction, and an indirect reference to the transaction identity is written to the log while the transaction is pending. Once the transaction completes, a direct reference to the transaction identity is written to the log; the identity of the agent remains transparent until the identity of the agent expires, if at all.
8 Claims
1. A machine-implemented method to process on a machine, comprising:
- obtaining, by the machine, a transaction identity;
- generating, by the machine, an index entry into an index structure for referencing the transaction identity;
- identifying, by the machine, a message digest for the transaction identity;
- emitting, by the machine, a log entry within a log that identifies the index entry and the message digest for the transaction identity;
- associating, by the machine, a time-to-live (TTL) attribute to the transaction identity; and
- adding, by the machine, the TTL attribute to the log entry;
- detecting, by the machine, a renewal of the transaction identity;
- adding, by the machine, a new TTL attribute to a new log entry of the log; and
- including, by the machine, the index entry and a new reference to the message digest in the new log entry of the log.

(Dependent claims: 2, 3)

4. A machine-implemented method to process on a machine, comprising:
- obtaining, by the machine, a transaction identity;
- generating, by the machine, an index entry into an index structure for referencing the transaction identity;
- identifying, by the machine, a message digest for the transaction identity;
- emitting, by the machine, a log entry within a log that identifies the index entry and the message digest for the transaction identity;
- including, by the machine, an encryption key with the log entry of the log, wherein the encrypted transaction identity if decrypted identifies the transaction identity; and
- associating, by the machine, a time-to-live (TTL) attribute with the encryption key, wherein the TTL attribute is in response to a policy.

(Dependent claims: 5)

6. A machine-implemented method to process on a machine, comprising:
- obtaining, by the machine, a transaction identity;
- generating, by the machine, an index entry into an index structure for referencing the transaction identity;
- identifying, by the machine, a message digest for the transaction identity;
- emitting, by the machine, a log entry within a log that identifies the index entry and the message digest for the transaction identity; and
- processing, by the machine, at least one of:
  - recording the index entry and the message digest in one or more other log entries, wherein the transaction identity is associated with two or more transactions; and
  - associating a new index entry and new message digest with a changed transaction identity within the log for a single transaction, and which is also associated with the original transaction identity.

7. A machine-implemented system, comprising:
- an identity service implemented in a machine-readable medium and to execute on a machine;
- a logging service implemented in a machine-readable medium and to execute on the machine, wherein the identity service is to supply a transaction identity for a transaction, and wherein the logging service is to generate entries into the log that does not identify the transaction identity while the transaction is pending and remains active; and
- index data residing in a machine-readable medium and accessed via the machine;
- wherein the index data includes the transaction identity and a number of the entries include an index key into the index data to acquire the transaction identity, and wherein access to the index data is maintained securely by the logging service, wherein one or more of the entries includes an encryption key, and wherein the key identifies at least one of the index data and the transaction identity, and wherein a time-to-live (TTL) attribute is associated with at least one of the transaction identity and the encryption key.

(Dependent claims: 8)

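A minimal sketch of the logging flow recited in claim 1 and the index data of claim 7, added here as an illustration and not taken from the patent or any implementation of it. The class and method names, SHA-256 as the message digest, the in-memory index and the choice to destroy the mapping on expiry are all assumptions.

```python
import hashlib
import secrets
import time

def digest_of(identity: str) -> str:
    return hashlib.sha256(identity.encode()).hexdigest()

class AuditLog:
    """Entries carry an index key and a digest, never the identity itself."""

    def __init__(self):
        self.entries = []   # append-only log; safe to hand to reviewers
        self._index = {}    # index key -> transaction identity (access-controlled)

    def _emit(self, event, key, digest, ttl, now):
        self.entries.append({"event": event, "index": key, "digest": digest,
                             "ttl": ttl, "ts": now})

    def open_transaction(self, identity, ttl, now=None):
        now = time.time() if now is None else now
        key = secrets.token_hex(8)          # opaque index entry
        self._index[key] = identity
        self._emit("open", key, digest_of(identity), ttl, now)
        return key

    def renew(self, key, ttl, now=None):
        """Renewal: new entry and new TTL, same index entry and digest."""
        now = time.time() if now is None else now
        prior = [e for e in self.entries if e["index"] == key]
        if not prior:
            raise KeyError(key)
        self._emit("renew", key, prior[-1]["digest"], ttl, now)

    def resolve(self, key, now=None):
        """Return the identity only while the latest TTL is live."""
        now = time.time() if now is None else now
        prior = [e for e in self.entries if e["index"] == key]
        if not prior or key not in self._index:
            return None
        latest = prior[-1]
        if now > latest["ts"] + latest["ttl"]:
            del self._index[key]            # expired: mapping is destroyed
            return None
        identity = self._index[key]
        if digest_of(identity) != latest["digest"]:
            raise ValueError("index data does not match logged digest")
        return identity
```

The digest only hides the identity if the transaction identity is itself a high-entropy temporary value; an unkeyed hash of a guessable name can be recovered by enumeration.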
Specification