JP2013003968A - Log management device, log management method and log management program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent processing load from increasing in a TSA for authenticating a presence time of a log.SOLUTION: The log management device according to an embodiment acquires a log message that is output in a computer system. Also, when acquiring a new log message, the log management device calculates a hash value of information in which a hash value calculated by using a log message acquired at a time prior to the time of the new log message and the new log message are tied. In addition, when a predetermined time passes or a predetermined amount of log messages are acquired, the log management device transmits a hash value that is lately calculated to a time stamp station so as to add time information showing a time when a log message group that is a calculation source of the hash value is present to the log message group.

Description

  Embodiments described herein relate generally to a log management device, a log management method, and a log management program.

  Conventionally, in a computer system, log management is performed from the viewpoint of ensuring information security and quick failure handling. For example, an auditor who audits a computer system can audit whether information security is ensured by monitoring logs output by a server or communication device in the computer system, or if a system failure occurs. Audit whether or not

  Due to the nature of the log used for such audits, the time when the log is output is important information. That is, in log management, it is desirable to be able to verify the presence or absence of falsification with respect to time information (log time stamp) at which the log was output. Therefore, by letting a third party called a time stamp authority (hereinafter sometimes referred to as “TSA: Time Stamp Authority”) certify the time when electronic data existed, It may be possible to verify whether or not the log time stamp has been tampered with.

R. Gerhards et al, "The Syslog Protocol", Network Working Group, RFC5424, March 2009, [online], [searched June 10, 2011], Internet <http://tools.ietf.org/html/ rfc5424> C. Adams et al, "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)", Network Working Group, RFC3161, August 2001, [online], [searched June 10, 2011], Internet <http : //tools.ietf.org/html/rfc3161> Nippon Telegraph and Telephone Corporation, "PSEC-KEM Specification version 2.2", April 14, 2008, [online], [Search June 10, 2011], Internet <http://info.isl.ntt .co.jp / crypt / psec / specifications.html>

  However, there is a risk that the load on the TSA increases in the above-described conventional technology. Specifically, in the above prior art, it is necessary to have TSA prove the existence time of each log output by the computer system. However, since a huge amount of logs are output from the computer system, There is a risk that the load of the proof processing will increase.

  The present invention has been made in view of the above, and provides a log management device, a log management method, and a log management program that can prevent an increase in processing load in a TSA that proves the log existence time. Objective.

  The log management device according to the embodiment includes an acquisition unit that sequentially acquires log messages output in a computer system, and a combination of a past log message acquired in the past and predetermined data from the log message acquired by the acquisition unit When specific data for specifying information and new specific data for specifying combined information with the log message are calculated, and a new log message is acquired by the acquisition unit, the predetermined data as the predetermined data A calculation unit that calculates specific data for specifying combined information between new specific data and the new log message, and when a predetermined time has elapsed, or a predetermined amount of log message has been acquired by the acquisition unit In this case, the specific data calculated most recently by the calculation unit is transmitted to the time stamp station, whereby the special data is transmitted. Time information indicating a time when the log message group exists specified by the data, characterized in that a deposition unit that applies to the log message group.

  The log management device, the log management method, and the log management program according to the embodiment have an effect that it is possible to prevent an increase in processing load in the TSA that proves the log existence time.

FIG. 1 is a diagram illustrating a configuration example of a log management system according to the first embodiment. FIG. 2 is a diagram illustrating a configuration example of the log management apparatus according to the first embodiment. FIG. 3 is a diagram illustrating an example of processing performed by the control unit of the log management apparatus according to the first embodiment. FIG. 4 is a diagram illustrating an example of processing performed by the control unit of the log management apparatus according to the first embodiment. FIG. 5 is a diagram illustrating a configuration example of the inspector terminal according to the first embodiment. FIG. 6 is a diagram illustrating an example of processing performed by the log message verification unit of the inspector terminal according to the first embodiment. FIG. 7 is a flowchart illustrating a processing procedure performed by the log management apparatus according to the first embodiment. FIG. 8 is a flowchart illustrating a processing procedure performed by the log management apparatus according to the first embodiment. FIG. 9 is a flowchart illustrating a processing procedure performed by the inspector terminal according to the first embodiment. FIG. 10 is a diagram illustrating a computer that executes a log management program.

  Embodiments of a log management apparatus, a log management method, and a log management program according to the present invention will be described below in detail with reference to the drawings. In addition, this invention is not limited by this Example.

[Log Management System Configuration]
First, a log management system including a log management apparatus according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram illustrating a configuration example of a log management system according to the first embodiment. As illustrated in FIG. 1, the log management system 1 according to the first embodiment includes log output systems 10-1 to 10-n, a TSA 20, a log management device 100, and an inspector terminal 200. Each of these devices is connected via a network N1.

  The log output systems 10-1 to 10-n are devices that output log messages, and are, for example, information processing devices such as PCs (Personal Computers) and servers, and communication devices such as switches. The “log message” indicates a combination of one or more processing times and processing contents. For example, the “log message” is a combination of one processing time and processing content such as “Y year M month h hour m1 minute processing start” or “Y year M month h hour m1 minute processing start”. It may be a combination of a plurality of processing times and processing contents, such as “Yes, M month h hour m2 minute error occurred” and “Y year M month h hour m3 processing terminated”. However, when the log message is a combination of a plurality of processing times and processing contents, it is desirable that all the processing times are within a predetermined time (for example, 3 minutes).

  The TSA 20 proves the time when the electronic data existed by giving the electronic data a time stamp that is accurate time information. For example, when receiving a hash value of a log message from the log management apparatus 100, the TSA 20 according to the first embodiment generates a “time stamp token” that combines the hash value and the current time. Further, the TSA 20 generates a digital signature of the time stamp token by encrypting the time stamp token using the private key of the own system (TSA 20). At this time, the TSA 20 may generate the digital signature of the time stamp token by encrypting the hash value of the time stamp token. Then, the TSA 20 transmits the signed time stamp token to the log management apparatus 100. The TSA 20 can communicate with a time server (not shown) (for example, an NTP (Network Time Protocol) server or the like), and can acquire accurate time information from the NTP server or the like.

  The log management device 100 is a log server that manages log messages output by the log output systems 10-1 to 10-n. The log management apparatus 100 acquires a time stamp token for proving the existence time of the log message from the TSA 20 by transmitting the hash value of the log message to the TSA 20. Thereby, the existence time of each log message managed by the log management apparatus 100 is proved by the TSA 20 which is a third party organization.

  The inspector terminal 200 is a verification device used by the inspector, and is an information processing device such as a PC (Personal Computer), for example. The inspector terminal 200 receives a log message or a time stamp token from the log management apparatus 100, and verifies whether or not the log message or the log message time stamp has been tampered with using the time stamp token. The processing performed by the inspector terminal 200 will be described later with reference to FIGS.

  Here, the log management device 100 according to the first embodiment does not transmit the hash value of each log message to the TSA 20 each time a log message is output by the log output systems 10-1 to 10-n, and a plurality of log messages. Is sent to the TSA 20. In other words, the log management apparatus 100 according to the first embodiment does not cause the TSA 20 to generate a time stamp token corresponding to each log message, but generates one time stamp token for a plurality of log messages.

  Specifically, when a new log message is output by the log output systems 10-1 to 10-n, the log management apparatus 100 does not calculate a hash value of a new log message, but creates a new log message. A hash value of a character string obtained by concatenating a message and a hash value generated from a log message output in the past is calculated. Each time a new log message is output by the log output systems 10-1 to 10-n, the log management apparatus 100 calculates hash values corresponding to a plurality of log messages by the same procedure. When the log output system 10-1 to 10-n outputs a predetermined number of log messages or when a predetermined time has elapsed, the log management apparatus 100 determines the hash value calculated last ( A hash value calculated at a close time) is transmitted to the TSA 20 to generate time stamp tokens corresponding to a plurality of log messages.

  As described above, since the log management apparatus 100 according to the first embodiment generates one time stamp token for a plurality of log messages, an increase in processing load in the TSA 20 can be prevented. Furthermore, since the log management apparatus 100 acquires time stamp tokens corresponding to a plurality of log messages from the TSA 20, the existence time of each log message can be proved to the TSA 20, and as a result, the reliability of the log message is improved. Can be made.

  Hereinafter, the log management apparatus 100 will be described in detail. The log management apparatus 100 also performs processing for deleting a plain text log message in order to prevent the log from being tampered by a system administrator other than the auditor, and this will be described below. . In the following, the verification process performed by the inspector terminal 200 will be described after describing the log management apparatus 100.

[Log management device configuration]
The log management apparatus 100 according to the first embodiment will be described with reference to FIG. FIG. 2 is a diagram illustrating a configuration example of the log management apparatus 100 according to the first embodiment. As illustrated in FIG. 2, the log management apparatus 100 according to the first embodiment includes a storage unit 110 and a control unit 120.

  Although omitted from FIG. 2, the log management apparatus 100 communicates with other apparatuses (log output systems 10-1 to 10-n, TSA 20, the auditor terminal 200, etc.) via the network N1. It has an interface for sending and receiving various data. In addition, the log management apparatus 100 may include an input unit (keyboard, mouse, etc.) for inputting various information and operation instructions, and a display device (liquid crystal display device, etc.) for displaying various information.

  The storage unit 110 is a storage device such as a hard disk or a semiconductor memory element, and stores various data. The storage unit 110 according to the first embodiment includes a key storage unit 111 and a log storage unit 112 as illustrated in FIG.

  The key storage unit 111 stores a public key disclosed by the inspector terminal 200 shown in FIG. More specifically, the inspector terminal 200 employs asymmetric key cryptosystem as an encryption method, and holds a public key and a secret key for asymmetric key encryption. The inspector terminal 200 publishes the public key to the log management apparatus 100, while the private key is held only by the own apparatus (inspector terminal 200). The key storage unit 111 of the log management apparatus 100 stores a public key that is disclosed by the inspector terminal 200. Here, in asymmetric key cryptography, a public key is used for encryption and a secret key is used for decryption, but an encrypted document encrypted with the public key cannot be decrypted with the public key. In other words, the encrypted document encrypted with the public key stored in the key storage unit 111 can be decrypted only by the inspector terminal 200.

  The log storage unit 112 stores various data relating to log messages and the like output by the log output systems 10-1 to 10-n. Here, the log storage unit 112 does not store a plain text log message, but may be expressed as a log message encrypted with a public key stored in the key storage unit 111 (hereinafter referred to as “encrypted log message”). Remember). In addition, the log storage unit 112 stores a hash value generated from the log message, a time stamp token generated by the TSA 20, and the like. Since various information stored in the log storage unit 112 is updated by the control unit 120, the log storage unit 112 will be described together with the control unit 120 described later.

  The control unit 120 is an electronic circuit such as a CPU (Central Processing Unit) or MPU (Micro Processing Unit), or an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array). As illustrated in FIG. 2, the control unit 120 according to the first embodiment includes an acquisition unit 121, an encryption unit 122, a specific data calculation unit 123, a time stamp assignment unit 124, and a transmission unit 125.

  The acquisition unit 121 acquires log messages output by the log output systems 10-1 to 10-n. For example, the acquisition unit 121 acquires log messages newly output by the log output systems 10-1 to 10-n by accessing the log output systems 10-1 to 10-n via the network N1. For example, when a new log message is transmitted to the log management apparatus 100 by the log output systems 10-1 to 10-n, the acquisition unit 121 receives a new message from the log output systems 10-1 to 10-n. By receiving the log message, the log message output by the log output systems 10-1 to 10-n is acquired.

  The encryption unit 122 encrypts the log message acquired by the acquisition unit 121. Specifically, the encryption unit 122 encrypts the plaintext log message acquired by the acquisition unit 121 by using the public key for asymmetric key encryption stored in the key storage unit 111. A log message is generated, and the generated encrypted log message is stored in the log storage unit 112.

  The specific data calculation unit 123, when a log message is acquired by the acquisition unit 121, specific data for specifying combined information between the acquired log message and a log message acquired in the past than the log message Is calculated. Note that the specific data calculation unit 123 according to the first embodiment calculates a hash value as the specific data.

  Specifically, the specific data calculation unit 123, when a new log message is acquired by the acquisition unit 121, the hash value calculated from the log message acquired by the acquisition unit 121 in the past than the new log message. And the new log message are concatenated, and a hash value of the concatenated character string is calculated. Then, the specific data calculation unit 123 stores the calculated hash value in the log storage unit 112 in association with the encrypted log message generated from the new log message by the encryption unit 122. After that, when a new log message is further acquired by the acquisition unit 121, the specific data calculation unit 123 further includes a hash of a character string obtained by concatenating the acquired new log message and the hash value calculated above. Calculate the value. The specific data calculation unit 123 calculates a hash value using a hash function such as MD5 (Message Digest Algorithm 5) or SHA (Secure Hash Algorithm).

  By the way, when the log management apparatus 100 is initially introduced into the log management system 1 and the log management apparatus 100 has never acquired a log message from the log output system 10-1 or the like, the log management apparatus 100 Also, the hash value is not stored. Therefore, when the specific data calculation unit 123 acquires the first log message from the log output system 10-1 or the like, the specific data calculation unit 123 calculates the hash value of the first log message. When the second log message is acquired from the log output system 10-1 or the like, the specific data calculation unit 123 concatenates the second log message and the hash value of the first log message. Then, the hash value of the concatenated character string is calculated. Similarly, when the “i” -th log message is acquired from the log output system 10-1 or the like, the specific data calculation unit 123 receives the “i” -th log message and the “i−1” -th log message. The hash value of the character string concatenated with the hash value calculated when the log message is acquired is calculated.

  Here, the encryption unit 122 or the specific data calculation unit 123 deletes the plaintext log message after the encryption process by the encryption unit 122 and the hash value calculation process by the specific data calculation unit 123 are completed. That is, the log management apparatus 100 according to the first embodiment does not hold a plain text log message in the storage unit such as the log storage unit 112. Thereby, the log management device 100 can prevent the log message from being tampered with by a system administrator other than the auditor.

  The time stamp assigning unit 124 assigns a time stamp generated by the TSA 20 to the log message managed by the log management apparatus 100. Specifically, the time stamp assigning unit 124 transmits the hash value calculated most recently (the time closest to the current time) to the TSA 20 by the specific data calculating unit 123 when the predetermined timing comes, The TSA 20 is caused to generate a time stamp token corresponding to the hash value. For example, when a predetermined time has elapsed or when a predetermined number of log messages have been acquired by the acquisition unit 121, the time stamp assigning unit 124 stores the hash value calculated most recently by the specific data calculation unit 123 in the TSA 20. Send. Thereby, the time stamp assigning unit 124 can attach time information indicating the time when the log message group specified by the hash value transmitted to the TSA 20 exists to the log message group.

  At this time, when the TSA 20 receives the hash value from the time stamp assigning unit 124, the TSA 20 generates a time stamp token by combining the hash value and the current time. Further, the TSA 20 generates a digital signature of the time stamp token by encrypting the time stamp token or the hash value of the time stamp token using the private key of the own system (TSA 20). Then, the TSA 20 transmits the time stamp token and the digital signature to the time stamp assigning unit 124.

  As a result, the time stamp assigning unit 124 can acquire the time stamp token corresponding to the hash value last calculated by the specific data calculating unit 123 and the digital signature of the time stamp token. Then, the time stamp assigning unit 124 stores the time stamp token and the digital signature acquired from the TSA 20 in the log storage unit 112 in association with the hash value transmitted to the TSA 20.

  When the time stamp giving unit 124 acquires the time stamp token and the digital signature, the transmission unit 125 calculates the specific data and the encrypted log message generated by the encryption unit 122 together with the time stamp token and the digital signature. The hash value calculated by the unit 123 is transmitted to the inspector terminal 200. At this time, the transmission unit 125 acquires the encrypted log message and hash value that have not been transmitted to the auditor terminal 200 from the log storage unit 112, and transmits the acquired encrypted log message and hash value to the auditor terminal 200. .

  Here, processing performed by the control unit 120 of the log management apparatus 100 will be described with reference to FIGS. 3 and 4. 3 and 4 are diagrams illustrating an example of processing performed by the control unit 120 of the log management apparatus 100 according to the first embodiment. In the example illustrated in FIG. 3, the acquisition unit 121 acquires the log message “i”. Note that “i” indicates a numerical value equal to or greater than “1”, and indicates the order of log messages acquired by the acquisition unit 121. For example, the log message “i−1” indicates that the log message is acquired by the acquisition unit 121 immediately before the log message “i”.

  In this case, the encryption unit 122 uses the public key stored in the key storage unit 111 (the public key of the auditor disclosed by the auditor terminal 200) to acquire the log message acquired by the acquisition unit 121. By encrypting “i”, an encrypted log message “i” is generated (step S11).

  Further, the specific data calculation unit 123 calculates a hash value using the log message “i”. Here, the specific data calculation unit 123 calculates the hash value “i−1” using the log message “i−1” or the like when the log message “i−1” is acquired by the acquisition unit 121. ing. When the log message “i” is acquired by the acquisition unit 121, the specific data calculation unit 123 calculates using the log message “i−1” acquired immediately before the log message “i”. The hash value “i−1” and the log message “i” are concatenated (step S12). Then, the specific data calculation unit 123 calculates a hash value “i” of the concatenated character strings (step S13). The specific data calculation unit 123 uses the hash value “i” as a hash value connected to the log message “i + 1” when the log message “i + 1” is acquired by the acquisition unit 121 thereafter.

  Then, after the encryption process in step S11 and the hash value calculation process in steps S12 and S13 are completed, the encryption unit 122 or the specific data calculation unit 123 deletes the plaintext log message “i” (step S14). .

  In this way, the encryption unit 122 generates an encrypted log message from the log message acquired by the acquisition unit 121, and the specific data calculation unit 123 calculates a hash value from the log message acquired by the acquisition unit 121. To do. As a result, the encrypted log message and hash value stored in the log storage unit 112 are as shown in the example shown in FIG.

  Specifically, in the example illustrated in FIG. 4, when the log message “i” is acquired by the acquisition unit 121, the encryption unit 122 generates the encrypted log message “i”. Further, the specific data calculation unit 123 calculates a hash value “i” of a character string obtained by concatenating the log message “i” and the hash value “i−1”. Subsequently, when the log message “i + 1” is acquired by the acquisition unit 121, the encryption unit 122 generates the encrypted log message “i + 1”, and the specific data calculation unit 123 hashes the log message “i + 1” with the hash value. A hash value “i + 1” of the character string concatenated with the value “i” is calculated. Similarly, when the log message “i + 2” is acquired by the acquisition unit 121, the encryption unit 122 generates an encrypted log message “i + 2”, and the specific data calculation unit 123 determines that the log message “i + 2”. And a hash value “i + 2” of a character string obtained by concatenating the hash value “i + 1”. Further, when the log message “i + 3” is acquired by the acquisition unit 121, the encryption unit 122 generates an encrypted log message “i + 3”, and the specific data calculation unit 123 hashes the log message “i + 3”. A hash value “i + 3” of a character string obtained by concatenating the value “i + 2” is calculated.

  Then, the time stamp assigning unit 124 calculates the hash value calculated last by the specific data calculating unit 123 every time a predetermined time elapses or a predetermined number of new log messages are acquired by the acquiring unit 121. Transmit to TSA20. For example, in the example illustrated in FIG. 4, the time stamp assigning unit 124 transmits a hash value to the TSA 20 each time a new log message is acquired “four times” by the acquiring unit 121. In the example illustrated in FIG. 4, the time stamp assigning unit 124 transmits the hash value “i−1” to the TSA 20 and acquires the time stamp corresponding to the hash value “i−1”. .

  In such a case, the time stamp assigning unit 124 does not transmit the hash value “i” to the TSA 20 when the hash value “i” is calculated. This is because after the hash value “i−1” is transmitted to the TSA 20, the log message newly acquired by the acquisition unit 121 is only the log message “i”, and the number of log message acquisitions by the acquisition unit 121 is “4”. This is because it is not “times”. For the same reason, the time stamp assigning unit 124 does not transmit the hash values “i + 1” and “i + 2” to the TSA 20. Then, when calculating the hash value “i + 3”, the time stamp assigning unit 124 transmits the hash value “i + 3” to the TSA 20. This is because the log message newly acquired by the acquisition unit 121 after transmitting the hash value “i−1” to the TSA 20 is the log message “i”, “i + 1”, “i + 2”, “i + 3”. This is because the number of log message acquisitions by the unit 121 has reached “4 times”.

  As a result, the time stamp assigning unit 124 acquires the time stamp token corresponding to the hash value “i + 3” and the digital signature of the time stamp token from the TSA 20. The time stamp assigning unit 124 stores the time stamp token and the digital signature acquired from the TSA 20 in the log storage unit 112 in association with the hash value “i + 3”.

  Then, the transmission unit 125 transmits various data stored in the log storage unit 112 illustrated in FIG. 4 to the inspector terminal 200. For example, in the example illustrated in FIG. 4, the transmission unit 125 encrypts the encrypted log message or the hash value before the encrypted log message “i−1” if it has been transmitted to the inspector terminal 200. Log messages “i”, “i + 1”, “i + 2” and “i + 3”, hash values “i”, “i + 1”, “i + 2” and “i + 3”, a time stamp token corresponding to the hash value “i + 3”, and The digital signature is transmitted to the inspector terminal 200.

  In this way, every time a new log message is acquired, the log management apparatus 100 sequentially calculates a hash value using past log messages, and transmits only a specific hash value to the TSA 20 to thereby obtain a time stamp token. To get. In other words, the log management apparatus 100 does not cause the TSA 20 to generate a time stamp token every time a log message is acquired, and therefore it is possible to prevent an increase in load such as a time stamp token generation process by the TSA 20.

  In addition, the log management apparatus 100 acquires a time stamp token only for a specific hash value, and the hash value includes information on past log messages. Therefore, the time information included in the time stamp token can indicate the time when a plurality of log messages exist. To explain using the example shown in FIG. 4, it can be said that the time stamp token “i + 3” corresponding to the hash value “i + 3” corresponds to the hash value generated from the log messages “1” to “i + 3”. Therefore, the time stamp token “i + 3” can prove the existence times of the log messages “1” to “i + 3”. Similarly, the time stamp token “i-1” illustrated in FIG. 4 can prove the time when the log messages “1” to “i-1” existed. Further, the time stamp tokens “i−1” and “i + 3” can prove the time when the log message was created. Specifically, the time stamp tokens “i−1” and “i + 3” may prove that log messages “i” to “i + 3” were created between the times indicated by both time stamp tokens. it can.

  The log management apparatus 100 also stores a plurality of encrypted log messages, a hash value corresponding to each encrypted log message, a time stamp token corresponding to a predetermined hash value, and a digital signature of the time stamp token. Held in the section 112. In other words, the log management apparatus 100 holds an encrypted log message that can be decrypted only with the private key held by the inspector terminal 200 without holding a plain text log message. Therefore, a system administrator or the like who can log in to the log management apparatus 100 cannot tamper with the plaintext log message, and as a result, regenerates an encrypted log message or hash value from the tampered plaintext log message. I can't. In other words, a system administrator other than the auditor cannot tamper with the log message so that it cannot be detected by the auditor. For this reason, the log management apparatus 100 according to the first embodiment can prevent log messages from being falsified.

  FIG. 4 shows an example in which the time stamp assigning unit 124 transmits the hash value “i + 3” to the TSA 20 without transmitting the hash values “i”, “i + 1”, and “i + 2” to the TSA 20. That is, FIG. 4 shows an example in which the time stamp assigning unit 124 transmits the hash value corresponding to the log message to the TSA 20 every predetermined number of log messages. However, the present invention is not limited to this example, and the time stamp assigning unit 124, every time a hash value is calculated by the specific data calculating unit 123, when a large number of log messages are not output by the log output systems 10-1 to 10-n. In addition, such a hash value may be transmitted to the TSA 20.

  For example, the time stamp assigning unit 124 calculates the hash value last calculated by the specific data calculation unit 123 when one hour has elapsed or when the acquisition unit 121 acquires a new log message “four times”. Are transmitted to the TSA 20. At this time, when only one log message “i” is output by the log output systems 10-1 to 10-n during the lapse of 1 hour, the transmission unit 125 hashes corresponding to the log message “i”. The value “i” is transmitted to the TSA 20. When only one log message “i + 1” is output by the log output systems 10-1 to 10-n during the next one hour, the transmission unit 125 corresponds to the log message “i + 1”. The hash value “i + 1” is transmitted to the TSA 20. Thus, since the time stamp assigning unit 124 does not transmit a predetermined number or more of hash values within a predetermined time, even if the hash value corresponding to each log message is transmitted, the processing load in the TSA 20 Can be prevented from increasing.

  In the example illustrated in FIG. 4, the transmission unit 125 transmits a plurality of encrypted log messages and a plurality of hash values. However, as illustrated in the above example, each log message is transmitted by the time stamp adding unit 124. When a time stamp token corresponding to is acquired, a pair of encrypted log messages and a hash value are transmitted to the inspector terminal 200.

[Configuration of auditor terminal]
Next, the inspector terminal 200 according to the first embodiment will be described with reference to FIG. FIG. 5 is a diagram illustrating a configuration example of the inspector terminal 200 according to the first embodiment. As illustrated in FIG. 5, the inspector terminal 200 according to the first embodiment includes a storage unit 210 and a control unit 220.

  Although not shown in FIG. 5, the inspector terminal 200 has an interface for transmitting and receiving various data to and from other devices (the log management device 100 and the like) via the network N1. The inspector terminal 200 may include an input unit (keyboard, mouse, etc.) for inputting various information and operation instructions, and a display device (liquid crystal display device, etc.) for displaying various information.

  The storage unit 210 is a storage device such as a hard disk or a semiconductor memory element. The storage unit 210 according to the first embodiment includes a log storage unit 211 and a verification result storage unit 212 as illustrated in FIG.

  The log storage unit 211 stores the encrypted log message, hash value, time stamp token, and digital signature received from the log management apparatus 100. The verification result storage unit 212 stores a verification result for the encrypted log message or the like. Various information stored in the log storage unit 211 and the verification result storage unit 212 is updated by the control unit 220. Therefore, the log storage unit 211 and the verification result storage unit 212 will be described together with the control unit 220 described later.

  The control unit 220 is an electronic circuit such as a CPU or MPU, or an integrated circuit such as an ASIC or FPGA. As illustrated in FIG. 5, the control unit 220 according to the first embodiment includes a reception unit 221, a log message verification unit 222, and a time stamp verification unit 223.

  The receiving unit 221 receives an encrypted log message or the like from the log management device 100. Specifically, the reception unit 221 receives an encrypted log message, a hash value, a time stamp token, and a digital signature transmitted by the transmission unit 125 of the log management apparatus 100, and stores various received information in the log storage unit 211. Store.

  As described with reference to FIG. 4, the transmission unit 125 of the log management apparatus 100 outputs a plurality of log messages by the log output systems 10-1 to 10-n within a predetermined time (for example, 1 hour). If so, a plurality of encrypted log messages, a plurality of hash values, a set of time stamp tokens and a digital signature are transmitted. In such a case, the receiving unit 221 receives a plurality of encrypted log messages, a plurality of hash values, a set of time stamp tokens, and a digital signature.

  The log message verification unit 222 decrypts the encrypted log message by using the asymmetric key encryption secret key when the reception unit 221 receives the encrypted log message, the hash value, the time stamp token, and the digital signature. . At this time, when a plurality of encrypted log messages are received by the receiving unit 221, the log message verifying unit 222 decrypts all the encrypted log messages and verifies the presence / absence of falsification for each log message.

  Specifically, the log message verification unit 222 includes a hash value calculated from a log message to be verified and a log message output in the past from the log message to be verified among the plurality of decrypted log messages. And the hash value of the concatenated character string is calculated. When the calculated hash value and the hash value corresponding to the verification target log message are the same, the log message verification unit 222 determines that the verification target log message has not been tampered with, If they are not the same, it is determined that the log message to be verified has been falsified. The log message verification unit 222 performs the same verification process on each encrypted log message received by the reception unit 221, and stores each decryption log message and the verification result in the verification result storage unit 212. Accordingly, the auditor can check the plain text log message by referring to the verification result storage unit 212 and can check whether the log message has been tampered with.

  Here, processing performed by the log message verification unit 222 of the inspector terminal 200 will be described with reference to FIG. FIG. 6 is a diagram illustrating an example of processing performed by the log message verification unit 222 of the inspector terminal 200 according to the first embodiment. In the example illustrated in FIG. 6, the reception unit 221 includes the encrypted log messages “i”, “i + 1”, “i + 2”, and “i + 3” illustrated in FIG. 4 and the hash values “i”, “i + 1”, “ It is assumed that “i + 2” and “i + 3” are received. Here, a case where the verification target of the log message verification unit 222 is the encrypted log message “i” will be described as an example.

  When verifying the encrypted log message “i” received by the receiving unit 221, the log message verifying unit 222 decrypts the encrypted log message “i” using a secret key for asymmetric key encryption. The plaintext log message “i” is generated (step S21). Subsequently, the log message verification unit 222 concatenates the plain text log message “i” and the hash value “i−1” (step S22), and calculates a hash value of the concatenated character string (step S23). Note that since the hash value received in the past by the receiving unit 221 is stored in the log storage unit 211, the log message verification unit 222 acquires the hash value “i−1” from the log storage unit 211.

  Subsequently, the log message verification unit 222 compares the hash value calculated in step S23 with the hash value “i” received by the reception unit 221 (step S24). Then, the log message verification unit 222 stores the verification result that is the comparison result and the plaintext log message “i” generated in step S21 in the verification result storage unit 212 in association with each other.

  Although not shown in FIG. 6, the log message verification unit 222 performs the same verification process on the encrypted log messages “i + 1”, “i + 2”, and “i + 3”, and the verification result and the plaintext log The messages “i + 1”, “i + 2”, and “i + 3” are stored in the verification result storage unit 212 in association with each other.

  Returning to the description of FIG. 5, when the reception unit 221 receives the encrypted log message, the hash value, the time stamp token, and the digital signature, the time stamp verification unit 223 uses the time stamp token and the digital signature, The existence time and creation time of the log message are verified, and whether or not the log message has been tampered between the time indicated by the time stamp token and the current time is verified.

  Specifically, the time stamp verification unit 223 first verifies whether the time stamp token received by the reception unit 221 has been generated by the TSA 20 using the digital signature received by the reception unit 221. For example, when the TSA 20 generates a digital signature by encrypting the hash value of the time stamp token with the secret key of the TSA 20, the time stamp verification unit 223 decrypts the digital signature using the public key of the TSA 20 To do. Further, the time stamp verification unit 223 calculates a hash value of the time stamp token received by the reception unit 221. The time stamp verification unit 223 determines that the time stamp token received by the reception unit 221 is generated by the TSA 20 when both hash values are the same, and when both hash values are not the same. It is determined that such a time stamp token has not been generated by the TSA 20 and has been generated by another person pretending to be the TSA 20.

  Subsequently, the time stamp verification unit 223 extracts the hash value by removing the time information from the time stamp token. Then, the time stamp verification unit 223 includes a hash value corresponding to the time stamp token among the plurality of hash values received by the reception unit 221 (the hash value calculated last by the specific data calculation unit 123), and a time stamp. Compare the hash value extracted from the token. The time stamp verification unit 223 determines that the verification is successful when both hash values are the same, and determines that the verification fails when both hash values are not the same.

  Specifically, when the verification is successful, the time stamp verification unit 223 includes a plurality of encrypted log messages received by the reception unit 221 at the time indicated by the time information included in the time stamp token. It is determined that a plurality of encrypted log messages between the time indicated by the time information and the current time have not been falsified. In addition, for example, when the time stamp token “i−1” and the time stamp token “i + 3” illustrated in FIG. 4 are successfully verified, the time stamp verification unit 223 performs a time interval between the times indicated by both time stamp tokens. It is determined that log messages “i” to “i + 3” have been created.

  In addition, when the verification fails, the time stamp verification unit 223 determines that there are not necessarily a plurality of encrypted log messages corresponding to the time indicated by the time information included in the time stamp token. It is determined that there is a possibility that a plurality of encrypted log messages between the time indicated by the time information and the current time have been falsified.

  The time stamp verification unit 223 stores such a verification result in the verification result storage unit 212. As a result, the auditor can check the existence time and creation time of the log message by referring to the verification result storage unit 212 and can check whether the log message has been tampered with.

[Processing procedure by log management device]
Next, a processing procedure performed by the log management apparatus 100 according to the first embodiment will be described with reference to FIGS. 7 and 8. 7 and 8 are flowcharts illustrating a processing procedure performed by the log management apparatus 100 according to the first embodiment. 7 illustrates a log message reception process procedure performed by the log management apparatus 100, and FIG. 8 illustrates a log message transmission process procedure performed by the log management apparatus 100.

  As illustrated in FIG. 7, the log management apparatus 100 determines whether or not a log message that is plain text has been acquired from the log output systems 10-1 to 10-n (step S101). If the log management apparatus 100 has not acquired a log message (No at step S101), the log management apparatus 100 waits until a log message is acquired.

  On the other hand, when the log management apparatus 100 acquires log messages from the log output systems 10-1 to 10-n (Yes in step S101), the log management apparatus 100 uses the public key for asymmetric key encryption disclosed by the inspector terminal 200. The plaintext log message is encrypted by using it (step S102). As a result, the log management apparatus 100 generates an encrypted log message.

  Further, the log management apparatus 100 concatenates the log message acquired from the log output systems 10-1 to 10-n and the hash value generated from the past log message acquired before the log message (step S103). ). Then, the log management apparatus 100 calculates a hash value of the concatenated character string (step S104). Note that the log management apparatus 100 may perform the processing procedure in step S102 and the processing procedures in steps S103 and S104 in parallel.

  The log management apparatus 100 deletes the plaintext log message acquired from the log output systems 10-1 to 10-n after the processing procedure in steps S102 to S104 is completed (step S105).

  Thus, whenever the log management apparatus 100 acquires a log message from the log output systems 10-1 to 10-n (Yes in step S101), the log management apparatus 100 performs the processing procedure in steps S102 to S105.

  Subsequently, as illustrated in FIG. 8, the log management apparatus 100 determines whether a predetermined time has elapsed or whether a predetermined number of log messages have been acquired from the log output systems 10-1 to 10-n. (Step S201). If the log management apparatus 100 does not satisfy both conditions (No at step S201), the log management apparatus 100 waits until either condition is satisfied.

  On the other hand, when the predetermined time has elapsed or when the log management apparatus 100 has acquired a predetermined number of log messages from the log output systems 10-1 to 10-n (Yes in step S201), the log management apparatus 100 is illustrated in FIG. Of the hash values calculated in step S104, the hash value calculated last (the time closest to the current time) is transmitted to the TSA 20 (step S202). As a result, the log management apparatus 100 acquires the time stamp token corresponding to the hash value from the TSA 20 (step S203). Although omitted in FIG. 8, the log management apparatus 100 also acquires the digital signature of the time stamp token from the TSA 20.

  Then, the log management apparatus 100 acquires the encrypted log message and the hash value that have not been transmitted to the inspector terminal 200 from the log storage unit 211, the acquired encrypted log message and the hash value, and the time stamp acquired from the TSA 20 The token and the digital signature are transmitted to the inspector terminal 200 (step S204).

[Processing procedure by auditor terminal]
Next, a procedure of processing performed by the inspector terminal 200 according to the first embodiment will be described with reference to FIG. FIG. 9 is a flowchart illustrating a processing procedure performed by the inspector terminal 200 according to the first embodiment.

  As illustrated in FIG. 9, the inspector terminal 200 determines whether various data such as an encrypted log message, a hash value, and a time stamp token have been received from the log management apparatus 100 (step S301). Here, when the various types of data are not received from the log management apparatus 100 (No at Step S301), the inspector terminal 200 stands by until various types of data are received.

  On the other hand, when the inspector terminal 200 receives an encrypted log message or the like from the log management device 100 (Yes in step S301), the inspector terminal 200 verifies the received encrypted log message (step S302). Such verification processing is the same as the processing procedure described with reference to FIG.

  When the auditor terminal 200 receives the time stamp token and the digital signature from the log management apparatus 100 (Yes in step S301), the inspector terminal 200 verifies whether the time stamp token is generated by the TSA 20 using the digital signature. (Step S303).

  Then, the inspector terminal 200 compares the hash value corresponding to the time stamp token among the hash values received from the log management apparatus 100 with the hash value included in the time stamp token (step S304). As a result, the inspector terminal 200 determines whether or not the time information included in the time stamp token indicates the existing time and creation time of each log message corresponding to the hash value included in the time stamp token.

[Effect of Example 1]
As described above, the log management apparatus 100 according to the first embodiment includes the acquisition unit 121 that acquires log messages output in the log output systems 10-1 to 10-n, and a new log message is acquired by the acquisition unit 121. A specific data calculation unit 123 that calculates a hash value of information obtained by combining a hash value for specifying a log message acquired in the past with the new log message and the new log message when acquired. When the predetermined timing is reached, a time indicating the time when the log message group specified by the hash value exists by transmitting the hash value calculated most recently by the specific data calculation unit 123 to the time stamp station And a time stamp giving unit 124 for giving information.

  That is, each time the log management apparatus 100 according to the first embodiment acquires a new log message, the log management apparatus 100 sequentially calculates the hash value using the past log message, and transmits only the specific hash value to the TSA 20. Get a time stamp token. Therefore, the log management apparatus 100 according to the first embodiment does not cause the TSA 20 to generate a time stamp token every time a log message is acquired, and thus it is possible to prevent an increase in a load such as a time stamp token generation process by the TSA 20. .

  In addition, the log management apparatus 100 according to the first embodiment, when a new log message is acquired by the acquisition unit 121, the auditor terminal that verifies the log message output in the log output systems 10-1 to 10-n. When the time information is added to the hash value by the encryption unit 122 that encrypts the new log message using the public key of the asymmetric key encryption method held by the 200 and the time stamp adding unit 124, the hash A transmission unit 125 that transmits the value and the encrypted log message encrypted by the encryption unit 122 to the inspector terminal 200;

  Thereby, the log management apparatus 100 according to the first embodiment manages log messages output in the log output systems 10-1 to 10-n as encrypted log messages that can be decrypted only by the inspector terminal 200. can do.

  In addition, the log management apparatus 100 according to the actual child example 1 calculates a hash value by using the new log message by the specific data calculation unit 123 and encrypts the new log message by the encryption unit 122. Delete such new log messages.

  That is, the log management apparatus 100 according to the first embodiment holds an encrypted log message that can be decrypted only with the private key held by the inspector terminal 200 without holding the plain text log message. Therefore, the log management apparatus 100 can prevent the log message from being tampered with, and as a result, can prevent the encrypted log message and the hash value from being regenerated from the tampered plain text log message.

  Incidentally, the log management apparatus, the log management method, and the log management program according to the present invention may be implemented in various different forms other than the above-described embodiments. Therefore, in the second embodiment, another embodiment of the log management apparatus, the log management method, and the log management program according to the present invention will be described.

[Processing entity]
In the first embodiment, the log management apparatus 100 collects log messages from the log output systems 10-1 to 10-n, and performs an encryption process, a time stamp addition process, and the like on the collected log messages. It was. However, the present invention is not limited to this example, and the log output systems 10-1 to 10-n may have the same function as the log management apparatus 100. That is, in the first embodiment, the log management device 100 and the log output systems 10-1 to 10-n are separated. However, the log management device 100 and the log output system 10-1 are integrated. May be. When the log management apparatus 100 and the log output system 10-1 are integrated, the log output system 10-1 or the like may not have the acquisition unit 121 included in the log management apparatus 100.

[Time stamp token generation opportunity]
In the first embodiment, when the predetermined time has elapsed or when a predetermined number of new log messages have been acquired by the acquisition unit 121, the time stamp adding unit 124 finally calculates the specific data calculation unit 123. An example in which the hash value thus obtained is transmitted to the TSA 20 is shown. However, without being limited to this example, the time stamp assigning unit 124 is finally calculated by the specific data calculating unit 123 when the total size of the log message newly acquired by the acquiring unit 121 exceeds a predetermined value. The hash value may be transmitted to the TSA 20.

[System configuration]
In addition, among the processes described in the above embodiment, all or a part of the processes described as being automatically performed can be manually performed, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedures, specific names, and information including various data and parameters shown in the document and drawings can be arbitrarily changed unless otherwise specified.

  Further, each component of each illustrated apparatus is functionally conceptual, and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured. For example, in the first embodiment, an example in which the encryption unit 122 or the specific data calculation unit 123 deletes the plaintext log message after the encryption process and the hash value calculation process are completed is shown. Here, instead of the encryption unit 122 or the specific data calculation unit 123 deleting the plaintext log message, the log management apparatus 100 may include a deletion unit that deletes the plaintext log message.

[program]
It is also possible to create a program in which the processing executed by the log management apparatus 100 described in the above embodiment is described in a language that can be executed by a computer. For example, a log management program in which processing executed by the log management apparatus 100 according to the first embodiment is described in a language that can be executed by a computer can be created. In this case, when the computer executes the log management program, the same effect as in the first embodiment can be obtained. Further, the log management program is recorded on a computer-readable recording medium, and the log management program recorded on the recording medium is read by the computer and executed, thereby realizing the same processing as in the first embodiment. Also good. Hereinafter, an example of a computer that executes a log management program that realizes the same function as the log management apparatus 100 illustrated in FIG. 2 will be described.

  FIG. 10 is a diagram illustrating a computer 1000 that executes a log management program. As illustrated in FIG. 10, the computer 1000 includes, for example, a memory 1010, a CPU 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface 1070. These units are connected by a bus 1080.

  As illustrated in FIG. 10, the memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM (Random Access Memory) 1012. The ROM 1011 stores a boot program such as BIOS (Basic Input Output System). The hard disk drive interface 1030 is connected to the hard disk drive 1031 as illustrated in FIG. The disk drive interface 1040 is connected to the disk drive 1041 as illustrated in FIG. For example, a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive. The serial port interface 1050 is connected to, for example, a mouse 1051 and a keyboard 1052 as illustrated in FIG. The video adapter 1060 is connected to a display 1061, for example, as illustrated in FIG.

  Here, as illustrated in FIG. 10, the hard disk drive 1031 stores, for example, an OS 1091, an application program 1092, a program module 1093, and program data 1094. That is, the log management program is stored in, for example, the hard disk drive 1031 as a program module in which a command executed by the computer 1000 is described. For example, an acquisition procedure for executing information processing similar to that of the acquisition unit 121 illustrated in FIG. 2, an encryption procedure for executing information processing similar to that of the encryption unit 122, and information processing similar to that of the specific data calculation unit 123 are performed. A program module 1093 in which a specific data calculation procedure to be executed, a time stamp giving procedure for executing information processing similar to that of the time stamp adding unit 124, and a transmission procedure for executing information processing similar to that of the transmitting unit 125 are described. Stored in the hard disk drive 1031.

  Various data held by the log management apparatus 100 described in the above embodiment is stored as program data in, for example, the memory 1010 or the hard disk drive 1031. Then, the CPU 1020 reads out the program module 1093 and the program data 1094 stored in the memory 1010 and the hard disk drive 1031 to the RAM 1012 as necessary, and obtains an acquisition procedure, an encryption procedure, a specific data calculation procedure, a time stamp assignment procedure, and a transmission procedure. Execute.

  The program module 1093 and the program data 1094 related to the log management program are not limited to being stored in the hard disk drive 1031, but are stored in, for example, a removable storage medium and read out by the CPU 1020 via the disk drive or the like. Also good. Alternatively, the program module 1093 and the program data 1094 related to the log management program are stored in another computer connected via a network (LAN (Local Area Network), WAN (Wide Area Network), etc.), and the network interface 1070 is stored. Via the CPU 1020.

1 Log management system 20 TSA
DESCRIPTION OF SYMBOLS 100 Log management apparatus 110 Memory | storage part 111 Key memory | storage part 112 Log memory | storage part 120 Control part 121 Acquisition part 122 Encryption part 123 Specific data calculation part 124 Time stamp provision part 125 Transmission part 200 Auditor terminal 210 Storage part 211 Log storage part 212 Verification result storage unit 220 Control unit 221 Reception unit 222 Log message verification unit 223 Time stamp verification unit

Claims (5)

An acquisition unit for sequentially acquiring log messages output in the computer system;
Specific data for specifying combined information between a past log message acquired in the past than the log message acquired by the acquiring unit and predetermined data, and new specification for specifying combined information between the log message Calculation for calculating data and calculating specific data for specifying combined information between the new specific data as predetermined data and the new log message when a new log message is acquired by the acquisition unit And
When a predetermined amount of time has passed, or when a predetermined amount of log message has been acquired by the acquisition unit, the specific data calculated most recently by the calculation unit is transmitted to a time stamp station, whereby the specific data A log management device comprising: an adding unit that adds time information indicating a time when a specified log message group exists to the log message group. Encryption that encrypts the log message using a public key of an asymmetric key encryption method held by a verification device that verifies the log message output in the computer system when the log message is acquired by the acquisition unit And
A transmission unit that transmits the specific data and the encrypted log message encrypted by the encryption unit to the verification device when time information is added to the specific data by the adding unit. The log management apparatus according to claim 1, wherein And further comprising: a deletion unit that deletes the log message after the calculation unit calculates specific data using the log message and the encryption unit encrypts the log message. The log management apparatus according to claim 2. A log management method executed by a log management device,
An acquisition step of sequentially acquiring log messages output in the computer system;
Specific data for specifying combined information between past log messages acquired in the past and predetermined data than the log message acquired by the acquiring step, and new specification for specifying combined information between the log messages Calculation for calculating data and calculating specific data for specifying combined information between the new specific data as predetermined data and the new log message when a new log message is acquired by the acquisition step Process,
When a predetermined amount of time has passed, or when a predetermined amount of log message has been acquired by the acquisition step, the specific data calculated most recently by the calculation step is transmitted to a time stamp station, whereby the specific data And a granting step of giving time information indicating the time when the specified log message group exists to the log message group. An acquisition procedure for sequentially acquiring log messages output in the computer system;
Specific data for specifying combined information between past log messages acquired in the past than the log message acquired by the acquisition procedure and predetermined data, and new specification for specifying combined information between the log messages Calculation for calculating data and calculating specific data for specifying combined information between the new specific data as predetermined data and the new log message when a new log message is acquired by the acquisition procedure Procedure and
When a predetermined time has passed, or when a predetermined amount of log message is acquired by the acquisition procedure, the specific data calculated most recently by the calculation procedure is transmitted to a time stamp station, A log management program that causes a computer to execute a granting procedure for granting time information indicating a time when a specified log message group exists to the log message group.

Images