×

Secure audit logging

  • US 9,852,300 B2
  • Filed: 09/25/2015
  • Issued: 12/26/2017
  • Est. Priority Date: 09/25/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method for generating a secure audit log comprising:

  • a first device recording, signing, encrypting, and locally storing an event in an audit log following the event, wherein a first entry of the secure audit log is an encryption key and any subsequent entries of the audit log are event logs;

    wherein the audit log includes a monotonically increasing entry counter enabling a second device to verify that all of the event logs are accounted for in an uploaded audit log file;

    the first device encrypting the audit log to produce an encrypted audit log, wherein the encrypted audit log can be unencrypted with a first encryption key;

    the first device storing the first encryption key in a memory of the first device;

    the first device, while in an unauthenticated state, transmitting the encrypted audit log to the second device via a network;

    the second device decrypting the encrypted audit log with a compatible encryption key to produce the audit log, wherein the second device uses the secure audit log to perform a forensic root cause analysis;

    the first device purging the encrypted audit log and the first encryption key from the memory of the first device; and

    the first device creating a second encryption key to encrypt a second audit log, wherein encrypting the audit log protects a chain of title for the audit log.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×