We present constructs that create, manage, and verify digital audit trails for versioning file systems. Based upon a small amount of data published to a third party, a file system commits to a version history. At a later date, an auditor uses the published data to verify the contents of the file system at any point in time. Audit trails create an analog of the paper audit process for file data, helping to meet the requirements of electronic record legislation, such as Sarbanes-Oxley. Our techniques address the I/O and computational efficiency of generating and verifying audit trails, the aggregation of audit information in directory hierarchies, and constructing verifiable audit trails in the presence of lost data. Copyright 2005 ACM.
Verifiable audit trails for a versioning file system / Randal, Burns; Peterson, Zachary; Ateniese, Giuseppe; Stephen, Bono. - (2005), pp. 44-50. (Intervento presentato al convegno StorageSS'05 - 2005 ACM Workshop on Storage Security and Survivability tenutosi a Fairfax, VA nel 11 November 2005 through 11 November 2005) [10.1145/1103780.1103787].
Verifiable audit trails for a versioning file system
ATENIESE, GIUSEPPE;
2005
Abstract
We present constructs that create, manage, and verify digital audit trails for versioning file systems. Based upon a small amount of data published to a third party, a file system commits to a version history. At a later date, an auditor uses the published data to verify the contents of the file system at any point in time. Audit trails create an analog of the paper audit process for file data, helping to meet the requirements of electronic record legislation, such as Sarbanes-Oxley. Our techniques address the I/O and computational efficiency of generating and verifying audit trails, the aggregation of audit information in directory hierarchies, and constructing verifiable audit trails in the presence of lost data. Copyright 2005 ACM.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
