tamper-evident logs
Tim Churches
tchur at optushome.com.au
Wed Oct 23 02:44:26 EDT 2002
Jeff Epler wrote:
>
> On Tue, Oct 22, 2002 at 10:55:54PM -0400, Bryan L. Fordham wrote:
> > here's a question for y'all:
>
> This is not a question for python-dev. Redirected to python-list.
>
> > I've written a simple http proxy that logs the domains visited. The idea
> > is that it keeps a list of the unique domains for each day. No problem.
> > The problem is that I want it to be obvious if someone has deleted
> > something from the logs.
> >
> > This is a little bit o' software meant to run on the user's box. It does
> > not have to be impossible to tamper with it, nor do I need to be able to
> > say what was removed; just "hey, someone futzed with the log!"
>
> The simplest idea that comes to mind would be to store a hash of the
> log combined with a "secret". (Of course, since it'll necessarily be
> stored on the same computer, it's not really a "secret", but it can be
> obfuscated as much as you like)
Have a look at the GNotary system (which is written in Python and
is GPLed). It addresses this problem, except for medical records,
not Web logs. See http://www.gnumed.net/gnotary/

Of course, Gnotary uses an inaccessible trusted third party server to
store the hashes, since that's the only way to create a tamper evidence
system which is itself not open to tampering.
Tim C
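
An added example, not part of the original messages and not GNotary's code: a keyed hash chain over one day's domain list, showing why a locally stored hash catches a deleted entry but a truncated tail is only caught against a value held somewhere else. The function names, the key and the sample domains are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample: one day's unique domains, as the proxy in the thread would log them.
SAMPLE_DOMAINS = ["example.com", "example.org", "example.net", "example.edu"]
# Hypothetical key; on the user's own box this is obfuscated at best, not secret.
DEMO_KEY = b"constructed-demo-key"


def seal(entries, key):
    """Return one chained HMAC-SHA256 tag per entry: tag_i = HMAC(key, tag_{i-1} || entry_i)."""
    tags, prev = [], b"\x00" * 32
    for entry in entries:
        prev = hmac.new(key, prev + entry.encode("utf-8"), hashlib.sha256).digest()
        tags.append(prev.hex())
    return tags


def verify(entries, tags, key, external_head=None):
    """True if entries match tags; with external_head, also detect a truncated tail."""
    if len(entries) != len(tags):
        return False
    expected = seal(entries, key)
    if not all(hmac.compare_digest(a, b) for a, b in zip(expected, tags)):
        return False
    if external_head is not None:
        head = expected[-1] if expected else ""
        return hmac.compare_digest(head, external_head)
    return True


def demo():
    tags = seal(SAMPLE_DOMAINS, DEMO_KEY)
    head = tags[-1]  # the value to lodge somewhere the user cannot rewrite
    results = {"intact": verify(SAMPLE_DOMAINS, tags, DEMO_KEY, head)}
    # Deleting a middle entry (and its tag) breaks every later link in the chain.
    results["middle_deleted"] = verify(SAMPLE_DOMAINS[:1] + SAMPLE_DOMAINS[2:],
                                       tags[:1] + tags[2:], DEMO_KEY)
    # Dropping the tail of both files is self-consistent locally...
    results["tail_cut_local"] = verify(SAMPLE_DOMAINS[:2], tags[:2], DEMO_KEY)
    # ...and only shows up against the head held elsewhere.
    results["tail_cut_external"] = verify(SAMPLE_DOMAINS[:2], tags[:2], DEMO_KEY, head)
    return results


if __name__ == "__main__":
    print(demo())
```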