Augmented metadata and signatures for objects in object stores
US-2019236302-A1 · Aug 1, 2019 · US
US11295031B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11295031-B2 |
| Application number | US-201916595563-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 8, 2019 |
| Priority date | Oct 8, 2019 |
| Publication date | Apr 5, 2022 |
| Grant date | Apr 5, 2022 |
Official abstract text for this publication.
Embodiments are described for generating, by the processor, a first event record in response to an event being performed by the computer and generating, by the processor, a first tamper resistance record in response to the first event record being generated. The first tamper resistance record includes a first signature that is created based at least in part on the first event record and a second signature that is created based at least in part on the first event record. Aspects also include validating the first event record based on the first signature and the second signature in the first tamper resistance record in response to a request to detect tampering of the first event record.
Opening claim text (preview).
What is claimed is:
1. A computer implemented method for securing a log of one or more event records by adding tamper resistance to the log, the method comprising: generating, by a processor, a first event record in response to an event being performed by the computer; generating, by the processor, a first tamper resistance record in response to the first event record being generated, wherein the first tamper resistance record comprises: a first signature that is created based at least in part on the first event record; and a second signature that is created based at least in part on the first event record and the first signature; storing the first event record and the first tamper resistance record in the log; in response to a request to detect tampering of the first event record, validating the first event record based on the first signature and the second signature in the first tamper resistance record; generating, by the processor, a second event record in response to a second event being performed by the computer, the second event occurring after the first tamper resistance record is generated; generating, by the processor, a second tamper resistance record in response to the second event record being generated, wherein the second tamper resistance record comprises: a third signature that is created based at least in part on the second event record, wherein the third signature is created based at least in part on the second event record and at least part of the first tamper resistance record; and a fourth signature that is created based at least in part on the second event record, wherein the first signature and the third signature are created using the same cryptographic function and the second signature and the fourth signature are created using the same cryptographic function; and in response to a request to detect tampering of the second event record, validating the second event record based on the third signature and the fourth signature in the second tamper resistance record.
2. The computer implemented method of claim 1, wherein the first tamper resistance record further comprises an identification of a type of cryptographic function used in creating the first signature and the second signature.
3. The computer implemented method of claim 1, wherein the first tamper resistance record further comprises a spatial reference of the first event record, the spatial reference identifying the first event record.
4. The computer implemented method of claim 3, wherein the second signature is created based at least in part on the first event record, the spatial reference of the first event record and the first signature.
5. The computer implemented method of claim 1, wherein the fourth signature is created based at least in part on the second event record, the third signature and at least part of the first tamper resistance record.
6. The computer implemented method of claim 1, wherein the first signature and the second signature are created using different cryptographic function.
7. A system, comprising: a memory; and a hardware processor; wherein the hardware processor is configured to: generate a first event record in response to an event being performed by the computer; generate a first tamper resistance record in response to the first event record being generated, wherein the first tamper resistance record comprises: a first signature that is created based at least in part on the first event record; and a second signature that is created based at least in part on the first event record and the first signature; store the first event record and the first tamper resistance record in a log of one or more event records; and in response to a request to detect tampering of the first event record, validate the first event record based on the first signature and the second signature in the first tamper resistance record; generate a second event record in response to a second event being performed by the computer, the second event occurring after the first tamper resistance record is generated; generate a second tamper resistance record in response to the second event record being generated, wherein the second tamper resistance record comprises: a third signature that is created based at least in part on the second event record, wherein the third signature is created based at least in part on the second event record and at least part of the first tamper resistance record; and a fourth signature that is created based at least in part on the second event record, wherein the first signature and the third signature are created using the same cryptographic function and the second signature and the fourth signature are created using the same cryptographic function; and in response to a request to detect tampering of the second event record, validate the second event record based on the third signature and the fourth signature in the second tamper resistance record.
8. The system of claim 7, wherein the first tamper resistance record further comprises an identification of a type of cryptographic function used in creating the first signature and the second signature.
9. The system of claim 7, wherein the first tamper resistance record further comprises a spatial reference of the first event record, the spatial reference identifying the first event record.
10. The system of claim 9, wherein the second signature is created based at least in part on the first event record, the spatial reference of the first event record and the first signature.
11. The system of claim 7, wherein the fourth signature is created based at least in part on the second event record, the third signature and at least part of the first tamper resistance record.
12. The system of claim 7, wherein the first signature and the second signature are created using different cryptographic function.
13. A computer program product comprising a non-transitory computer readable storage medium having program instructions embodied therewith, the program instructions being executable by a processor to cause the processor to perform a method comprising: generating a first event record in response to an event being performed by the computer; generating a first tamper resistance record in response to the first event record being generated, wherein the first tamper resistance record comprises: a first signature that is created based at least in part on the first event record; and a second signature that is created based at least in part on the first event record and the first signature; storing the first event record and the first tamper resistance record in a log of one or more event records; and in response to a request to detect tampering of the first event record, validating the first event record based on the first signature and the second signature in the first tamper resistance record; generating, by the processor, a second event record in response to a second event being performed by the computer, the second event occurring after the first tamper resistance record is generated; generating, by the processor, a second tamper resistance record in response to the second event record being generated, wherein the second tamper resistance record comprises: a third signature that is created based at least in part on the second event record, wherein the third signature is created based at least in part on the second event record and at least part of the first tamper resistance record; and a fourth signature that is created based at least in part on the second event record, wherein the first signature and the third signature are created using the same cryptographic fu
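The record chaining of claim 1, with the options of claims 2 to 6, as an added Python example (not code from the patent or its applicant). It assumes each "signature" is a keyed HMAC, with HMAC-SHA256 and HMAC-SHA3-256 standing in for the two cryptographic functions, constructed demo keys, and the list index as the spatial reference; `_mac`, `_sign`, `append` and `first_tampered` are hypothetical names.

```python
import hashlib
import hmac
import json

# Assumption: the claims do not say how signatures are keyed; constructed demo keys.
KEY_A = b"constructed-key-first-function"
KEY_B = b"constructed-key-second-function"

def _mac(key, digest, *parts):
    """HMAC over length-prefixed parts, so field boundaries cannot be shifted."""
    h = hmac.new(key, digestmod=digest)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.hexdigest()

def _sign(record, index, prev):
    """Both signatures for one event record; prev is the previous record's sig2."""
    sig1 = _mac(KEY_A, hashlib.sha256, record, prev)        # first / third signature
    sig2 = _mac(KEY_B, hashlib.sha3_256, record,            # second / fourth signature
                str(index).encode(), sig1.encode(), prev)
    return sig1, sig2

def append(log, event):
    """Store an event record together with its tamper resistance record."""
    record = json.dumps(event, sort_keys=True).encode()
    prev = log[-1]["trr"]["sig2"].encode() if log else b""
    sig1, sig2 = _sign(record, len(log), prev)
    log.append({"record": record.decode(),
                "trr": {"alg": ["hmac-sha256", "hmac-sha3-256"],  # claim 2
                        "ref": len(log),                          # claim 3
                        "sig1": sig1, "sig2": sig2}})

def first_tampered(log):
    """Index of the first record that fails validation, or None if all pass."""
    prev = b""
    for i, entry in enumerate(log):
        sig1, sig2 = _sign(entry["record"].encode(), i, prev)
        trr = entry["trr"]
        if not (trr["ref"] == i and hmac.compare_digest(sig1, trr["sig1"])
                and hmac.compare_digest(sig2, trr["sig2"])):
            return i
        prev = trr["sig2"].encode()
    return None

if __name__ == "__main__":
    log = []  # constructed sample events
    append(log, {"user": "alice", "action": "login"})
    append(log, {"user": "alice", "action": "read"})
    log[0]["record"] = log[0]["record"].replace("login", "logout")
    print(first_tampered(log))
```

Because each record's signatures cover the previous record's second signature, an edit, deletion or reordering fails validation at the earliest affected index. Removing records from the end of the log leaves a valid shorter chain, so detecting that needs a record count or latest signature kept outside the log.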
Time stamp · CPC title
Auditing as a secondary aspect · CPC title
Protecting data integrity, e.g. using checksums, certificates or signatures · CPC title
Detecting or preventing theft or loss · CPC title
Providing cryptographic facilities or services · CPC title