JP4718321B2 - Log audit system and log audit method - Google Patents

Description

  The present invention relates to an audit technique for an access log to a database or the like, and more particularly, to a log audit technique for protecting confidential information included in a log using an electronic sanitization technique.

  An organization such as a company often builds and manages a database of customer information and the like, but in recent years, information leak cases in which information of this type of database is illegally leaked outside the organization have frequently occurred. In particular, leakage of personal information such as customer information, and misuse of leaked information not only infringe on customer privacy, but also seriously damages corporate brands and customer trust. Become. As described above, the leakage of the contents of the database inside the organization causes a great damage to the organization, and it can be said that the prevention is very important.

  The cause of the case where database customer information etc. is illegally leaked outside the organization is due to unauthorized intrusion (unauthorized access) from outside the organization, but there are many cases of unauthorized internal use by authorized users. is there. Since this internal fraud is performed by a person who has been given access authority to confidential information, it cannot be prevented by measures based on access control. Therefore, auditing access logs is indispensable for database operation management.

  Conventionally, in general, date and time, executor, operation location, execution contents, execution result, etc. are recorded as a log regarding access to confidential information in a database, and the fraud is detected by auditing the log. In addition, it has also been proposed that fraud detection be performed through several stages of investigation as follows (for example, Non-Patent Document 1). First, as a first step, an access suspected of fraud is extracted from the access time zone and the number of cases. Next, with regard to the extracted access, a detailed log is used, such as whether work is actually required, and in some cases, it is investigated together with information other than the log. In Non-Patent Document 1, the characteristic information of log information is illustrated by information visualization and presented to the inspector in association with the log information display by characters, thereby burdening humans to investigate log information. Mitigation is possible.

  On the other hand, when a document is disclosed, if confidential information such as personal information is included in the document, the document is disclosed after the portion is sanitized. When an electronic document is disclosed, if the confidential information contained in the electronic document should be kept confidential, it is desirable that the electronic document be electronically painted on the part.

  2. Description of the Related Art Conventionally, various electronic document sanitization techniques have been proposed that enable verification of a signature even after a process of concealing a part of the electronic document after an electronic signature is performed on the electronic document (for example, non-documentation). Patent Document 2, Non-Patent Document 3, Non-Patent Document 4, etc.).

  In these electronic document sanitization techniques, the person who creates the electronic document is the same as the person who performs the electronic signature (hereinafter referred to as the signer). The signer divides the created electronic document into a plurality of blocks, calculates a hash value for each block, and performs an electronic signature on the hash list. The sanitizer publishes the original data itself for the disclosed block in the hash list and the electronic sanitized document with the hash value selected for the block to be sanitized. The verifier converts the original data block in the electronic sanitized document into a hash value, and performs signature verification using the hash list. As a result, it is possible to verify the signature of an electronic document that has been digitally signed without being detected as an alteration of the electronic document with respect to the sanitization performed by the sanitizer. It is possible to conceal confidential information such as personal information. Non-Patent Document 4 proposes a technique that enables identification and identification of not only the signer but also the sanitizer.

Tetsuji Takada, Hideki Koike, “Appearance Log: Log Information Browser Using Information Visualization and Text Mining” Transactions of Information Processing Society of Japan, Vol. 41, no. 12, pp. 3265-3274, 2000 Kunihiko Miyazaki, Seiichi Susaki, Mitsuru Iwamura, Tsutomu Matsumoto, Ryoichi Sasaki, Hiroshi Yoshiura, “Electronic Documents Sumitizing Problem” Science Technique ISEC 2003-20, 61-67, 2003 Kunihiko Miyazaki, Mitsuru Iwamura, Tsutomu Matsumoto, Ryoichi Sasaki, Hiroshi Yoshiura, Satoru Tezuka, Hideki Imai, “Electronic document sanitization technology with controllable disclosure conditions” 2004 Cryptography and Information Security Symposium (SCIS2004), 2D3-2) pp . 515-520, 2004 Masahiko Takenaka, Koji Yoshioka, Nobuyuki Kanaya, “Inking method of electronic documents that verifier can distinguish between signer and sanitizer” Computer Security Symposium 2004 (CSS2004), pp. 475-480, 2004

  Previously, the execution contents and execution results included in the log were mainly executed commands and menu types and execution success / failures. However, in recent years, executed searches have been performed to ensure the detection and tracking of fraud. There is a tendency to record more detailed information such as processing search conditions, search results, and update contents of update processing as a log. As a result of recording in detail a log relating to access to confidential information, the log includes a part or all of confidential information to be protected such as personal information.

  On the other hand, the person who performs the audit of the log is not necessarily the person who has the access authority to the confidential information such as the information system department or the outside contractor. The act of these auditors auditing the access log to the confidential information would permit more persons than the original business, that is, the auditor to access the confidential information. As a result, log auditing may cause information leakage. In conventional log monitoring systems such as Non-Patent Document 1, measures for such a case are not considered.

  On the other hand, it is conceivable to configure a log monitoring system having a mechanism for concealing confidential information included in a log by using an electronic sanitization technique as described in Non-Patent Documents 2 to 4. However, since any electronic sanitization technology is based on the premise that the data to be sanitized is a hash list and the creator itself gives an electronic signature, the existing time stamp service can be used as it is. Even if the disclosure log contains a sanitized portion, the certification information issued to the original log by a trusted third party cannot be verified.

An object of the present invention is to provide a log audit system and a log audit method capable of verifying certification information issued to an original using a disclosure log in a state where a confidential information portion of the original log is concealed .

It is another object of the present invention to provide a log audit system and a log audit method capable of verifying an execution place and an execution person who conceals confidential information in an original log .

Another object of the present invention is to provide a log audit system and a log audit method capable of detecting an additional concealment portion after concealing the confidential information portion of the original log .

It is another object of the present invention to provide a log audit system and a log audit method that can detect a tampering after concealing a confidential information portion of an original log .

It is another object of the present invention to provide a log audit system and a log audit method that cannot acquire confidential information that is concealed using a disclosed log .

It is another object of the present invention to provide a log audit system and a log audit method in which the disclosed log cannot be used for estimation of confidential information that is concealed .

  The present invention leaves information necessary for determining whether there is a suspicion of fraud such as the date and time of access, the executor, the investigation location, the command type, the customer number to be processed in the initial stage of log audit. On the other hand, it is possible to realize an audit in a sanitized state in which confidential information such as a customer's address and name is hidden.

  The privacy manager in the organization (hereinafter referred to as the sanitizer) creates a disclosure log by sanitizing a part of the original log so that an audit can be requested by a person who does not have the authority to reference confidential information. To do. This disclosure log is passed from the sanitizer to the log auditer. The log auditing person audits the log by using a part of the original log provided by the sanitizer that is sanitized.

  Here, it is assumed that the log audit by the log auditer can be performed in the state where the following requirements are satisfied.

  Requirement 1: Even if the disclosure log includes a sanitized portion, it is possible to verify the certification information issued to the original log by a reliable third party. That is, if there is no modification other than sanitization, the verification succeeds, and if a modification other than sanitization is performed, the verification fails.

Requirement 2: It is possible to verify who has done what part of sanitization.
Requirement 3: After the sanitization, the sanitized part cannot be added illegally.
Requirement 4: Confidential information of the original log corresponding to the sanitized part is not leaked from the contents of the disclosure log.
Requirement 5: An attacker who tries to estimate information on the sanitized portion cannot use the disclosure log itself as a means for guaranteeing the validity of the estimation result.

  Requirement 1 is necessary for verifying the certification information acquired in order to obtain the information that proves the falsification prevention and acquisition time of the original log using the disclosure log. Requirement 2 is necessary to verify the legitimacy of the sanitizer. Requirement 3 is necessary to prevent an illegal act in which a third party conceals an inconvenient part after the sanitization by the sanitizer. Requirement 4 and Requirement 5 are necessary for protecting confidential information by sanitization.

  In the present invention, an administrator first acquires a time stamp issued by a time stamp issuer in order to obtain information that proves falsification prevention and acquisition time for a log output from a system to be audited. (Requirement 1). Next, the sanitizer processes a portion that needs to be sanitized by a one-way function (hereinafter, hash) (requirement 4). At this time, hashing is performed on a random number added so that the original cannot be estimated from the hash value (requirement 5). After sanitization, the sanitizer creates a signature on the sanitized area, thereby guaranteeing the sanitization content he made (requirement 2) and preventing alterations including additional sanitization by unauthorized persons. (Requirement 3) The log auditor verifies the sanitizer signature and the time stamp, and if both verification results are correct, the log auditor audits the unsanitized portion of the disclosure log.

  According to the present invention, even if the information system activity is recorded in detail, the audit can be performed in a state in which the confidential information contained therein is concealed. This makes it possible to avoid inconsistencies in which the auditing action increases the risk of information leakage even though log recording is important because it is a system that handles confidential information.

  In addition, by keeping confidential information in a secret state, it means that the authority to perform daily and large-scale work called log audit can be widely given. This has the effect of making it possible to outsource log audit work to an external organization while minimizing the risk of leakage of confidential information. In addition, for log audit agents, etc., since the confidential information is not included in the handled log, the management cost for handling the log can be reduced compared to the case where the confidential information for the requesting company is included. There is.

  Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings.

  FIG. 1 shows a basic configuration of an embodiment of a log audit system according to the present invention. The enterprise 1000 is an organization that builds and manages a database of customer information and the like, and records and holds logs relating to access to the database. The time stamp issuer 4000 is a supplier that provides a service for issuing a “time stamp” that proves that a specific electronic document exists at a certain time and that the electronic document has not been changed or altered after that time. The company 1000 concludes a time stamp service contract with the time stamp issuer 4000, sends a request for issuing a time stamp to a log as a kind of electronic document held by the company, and is issued for the sent log. Receive time stamp. The log audit agent 3000 is a supplier that receives a log and a log audit policy from the company 1000 and provides a service that performs a log auditing operation in accordance with the log audit policy. The enterprise 1000 concludes a log audit agency service 3000 with a log audit agency service 3000, sends its own log audit policy and its own logs, and receives audit reports performed on the sent logs. Do.

  FIG. 2 is an overall configuration diagram of an embodiment of a log audit system according to the present invention. In FIG. 2, 21 is a security administrator (hereinafter referred to as an administrator), 22 is a sanitizer, 31 is an audit agent, and 41 is a time stamp issuer (hereinafter TSA). The service providing apparatus 100 is a terminal in which a system to be audited that is under the jurisdiction of the company 1000 is operating. The log management apparatus 200 is a terminal that manages logs, which is also under the jurisdiction of the company 1000. The audit execution device 300 is a terminal (log audit device) that performs log audit under the jurisdiction of the log audit agent 3000. The time stamp issuing device 400 is a terminal that issues a time stamp under the jurisdiction of the time stamp issuer 4000. Each device 100, 200, 300, 400 is connected through a network.

  The service providing apparatus 100 includes a service server 110 to be audited, a log output agent 120 that outputs an operation log of the service server 110, and a database 130 accessed by the service server 110.

  The log management device 200 includes a log management server 210, a sanitizing unit 220 as a log concealment device, and a storage device 230. The storage device 230 stores an original log and a sanitizing log, which will be described later, and also stores a signature key and a verification key used by the sanitizer 22 in advance. The log management apparatus 200 is operated by an administrator 21 and a sanitizer 22.

The audit execution device (log audit device) 300 includes a verification unit 310, an audit unit 320, and a storage device 330. Assume that the storage device 330 stores in advance the verification key of the TSA 41 and the verification key of the sanitizer 22 obtained by the audit agent 23 . The audit execution device 300 is operated by the audit agent 23.

  The time stamp issuing device 400 includes a time stamp server 410, a storage device 420, and a hardware or software mechanism clock 430. Assume that the storage device 420 stores in advance a signature key and a verification key used by the TSA 41. This time stamp issuing device 400 is operated by the TSA 41.

  Hereinafter, the operation of the present embodiment will be described with reference to the processing sequence of FIG.

<Storage of original logs>
In the service providing apparatus 100, when the service server 110 performs some processing such as accessing the database 130, the log output agent 120 detects it and generates a log. The log output agent 120 transmits the generated log to the log management server 210 of the log management apparatus 200.

The log management server 210 stores the received log in the storage device 230. One entry of the log is composed of a plurality of blocks ( _mi ) such as an executor name, time, processing target, instruction type, instruction argument, and the like. Here, when _mi is used as it is, it is possible to confirm the correctness by comparing a hash value h _i described later with a hash value of the content estimated by the unauthorized person from the original log. The above requirement 5 cannot be satisfied. Therefore, in the present embodiment will be prevented by combining the random number r _i and m _i. In the following description, a combination of _{m i} and _{r i} the _(m i, _{r i),} simply as describing the _{m i.}

Here, the log is a set of a plurality of blocks, and the log M
M = {m ₁ , m ₂ , m ₃ ,..., M _n } (1)
It is expressed. The sanitizing process described later is performed in units of blocks of the log M.

The log management server 210, the log storage unit 230 reaches a predetermined amount (n block), to generate an appropriate random number r _i for each nuclear blocks, calculates a hash value of each block m _i log M Hash list H
Hash list = {h ₁ , h ₂ , h ₃ ,..., H _n }, h _i = hash (m _i ) (2)
Is generated. Subsequently, a further hash value of the hash list H is calculated, and a log digest d that is one hash value from which a time stamp is acquired.
Log digest = hash (H) (3)
Is generated. The storage device 230 stores one or a plurality of sets of the log M and the log digest d.

  The log management server 210 transmits the log digest d in the storage device 230 to the time server 410 of the time stamp issuing device 400 periodically or by an operation of the log management device 200 by the administrator 21 or the like. Request publication.

The time stamp server 410 that has received the time stamp issuance request reads the signature key (secret key) of the TSA 41 from the storage device 420, and then acquires time information t from the clock 430. Then, for the set of the time information t and the log digest d received from the log management server 210, the time stamp T
Timestamp = Sign _TSA (t‖d) (4)
Issue. When a plurality of log digests are received, a time stamp is issued for each log digest. Thereafter, the time stamp server 410 returns the time t and the time stamp T to the log management server 210.

The log management server 210 receives the log M that is the basis of the time stamp issuance request, the time information t and the time stamp T returned from the time stamp server 410,
Original log (M, t, T) (5)
Stored in the storage device 230. In this way, one or a plurality of sets of original logs (M, t, T) are stored in the storage device 230.

<Inking>
The sanitizer 22 operates the log management device 200 periodically or at any time, reads the log M from the original log (M, t, T) stored in the storage device 230, and sanitizes which block. It is determined whether to perform processing, and the sanitizing unit 220 is activated. The sanitizing unit (log concealment device) 220 performs sanitization processing on the log M by hardware logic or a sanitizing program as follows.

The sanitizing unit 220 takes in the log M and, based on the determination of which block of the sanitizer 22 should be sanitized, n bit strings p ₁ , p ₂ , p, which are the number of blocks of the log M _3, ... consisting of p _n sanitizing position information P
P = {p ₁ , p ₂ , p ₃ ,..., P _n } (6)
Create Here, the bit p _i is set to 0 when not sanitized and is set to 1 when sanitized.

Next, sanitizing unit 220 for each block m _i log M, according sanitizing position information P, carried out redaction processing, redaction processing is specified block (p _i = 1 block), the replacing the contents of the hash value h _i of the corresponding block, redaction processing is not designated block (p _i = 0 of the blocks), and is maintained at m _i without changing its contents. Then, for each block m _i log M, those sanitizing process is completed as l _i, sanitizing log L
L = {l _1, l _2, l _3, ..., L _n } (7)
Create That is, the case of not performing sanitizing l _i = m _i, the case of performing sanitizing a l _i = h _i.

Next, the sanitizing unit 220 reads the signature key (secret key) of the sanitizer 22 from the storage device 230, and uses the signature key to sanitize the set of the sanitizer log L and sanitizer position information P. Signature S
S = Sign _sanititzer (P‖L) (8)
Is generated.

  Then, the sanitizing unit 220 stores a set of the sanitizing position information P, the sanitizing log L, and the sanitizer signature S in the storage device 230 in association with the original log (M, t, T).

  In addition, when a plurality of original logs (M, t, T) are stored in the storage device 230, in accordance with the instructions of the sanitizer 22, the sanitization position information P, the sanitization log are stored for each of them. A set of L and sanitizer signature S is created and stored in the storage device 230.

<Verification>
The log management device 200 receives the time stamp T, the sanitization position information P, the sanitization log L, the sanitizer signature S, the time information t from the storage device 230 periodically or based on an operation by the sanitizer 22 or the like. Read a set of
Disclosure information (T, P, L, s, t) (9)
Is sent to the audit execution device 300 and a log audit is requested.

Upon receiving the disclosure information (T, P, L, S, t) from the log management device 200, the audit execution device (log audit device) 300 first performs the following in the verification unit 310 using hardware logic or a verification program. In this way, verification of the sanitizer signature and verification of the time stamp are performed.
Verification of sanitizer signature The verification unit 310 reads the verification key of the sanitizer 22 from the storage device 330, and uses the verification key to determine the sanitizer position S from the sanitizer signature S included in the disclosure information. And the sanitizing log L are acquired. Next, the sanitization position information P and the sanitization log L acquired from the sanitizer signature S are compared with whether the sanitization position information P and the sanitization log L included in the disclosure information match. Validity of sanitization position information P and sanitization log L Verify _sanitizer (S, (P‖L)) → OKorNG (10)
Confirm.
-Time stamp verification If the number (10) is OK, the verification unit 310 uses the sanitization log L and the sanitization position information P to generate a hash list H '.
H ′ = {h ₁ ′, h ₂ ′, h ₃ ′,..., H _n ′} (11)
To restore. That is, for each block l _i of the sanitization log L, the block for which sanitization processing is designated by the sanitization position information P (l _i = h _i if there is no illegal modification) is directly set to l _i (l _i = h _i ′), a block for which no sanitization process is specified (l _i = m _i if there is no unauthorized modification) replaces the contents with the hash value hash (l _i ) of the corresponding block (h _i ′ = hash ( l _i )).

Further, the verification unit 310 calculates a further hash value of the hash list H ′, and the log digest d ′.
d '= hash (H') (12)
Is generated. Also, the verification key (public key) of the TSA 41 is read from the storage device 330, and the time information t and the log digest d are acquired from the time stamp T included in the disclosure information using the verification key.

Then, the verification unit 310 compares the time information t and the log digest d acquired from the time stamp T with the time information t included in the disclosure information and the generated log digest d ′ to match the time information Validity of t and log digest d Verify _TSA (T, (t‖d)) → OKorNG (13)
Confirm.

<Audit>
When the verification result of the sanitizer signature S and the verification of the time stamp T are correct, the verification unit 310 passes the sanitization log L of the disclosure information (T, P, L, S, t) to the audit unit 320. The auditing unit 320 performs auditing according to a predetermined auditing standard for a portion (l _i = m _i ) of the sanitizing log L that has not been sanitized by hardware logic or an audit program.

  When the audit execution device 300 receives a plurality of disclosure information from the log management device 200, the above verification and audit are repeated for each disclosure information.

  Although the embodiment of the present invention has been described above, the service providing apparatus and the log management apparatus can be the same apparatus in addition to the configuration of the embodiment. In addition to the configuration of the embodiment, the log management server and the sanitizing unit (log concealment device) can be implemented by different terminals and devices. The same applies to the verification department and the audit department.

  In the embodiment, the verification key is prepared in advance in the verification of the sanitizer signature and the verification of the time stamp by the audit execution apparatus. However, when necessary, the log management apparatus dynamically It can also be obtained from a time stamp issuing device. In order to further increase the security, it is possible to confirm whether the verification key is valid immediately before the verification process.

  The processing functions of some or all of the devices in the system shown in FIG. 2 can be configured by a computer program, and the program can be executed using the computer to implement the present invention, or the processing procedure Needless to say, can be configured by a computer program and the program can be executed by the computer. In addition, a computer-readable recording medium such as an FD, MO, ROM, memory card, CD, or the like is stored in the computer. In addition, the program can be recorded and stored on a DVD, a removable disk, etc., and the program can be distributed through a network such as the Internet.

1 is a basic configuration diagram of an embodiment of a log audit system according to the present invention. FIG. 1 is an overall configuration diagram of an embodiment of a log audit system according to the present invention. The operation | movement sequence diagram of the log inspection system by this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Service provision apparatus 110 Service server 120 Log output agent 130 Database 200 Log management apparatus 210 Log management server 220 Blacking section 230 Storage apparatus 300 Audit execution apparatus 310 Verification section 320 Audit section 330 Storage apparatus 400 Time stamp issuing apparatus 410 Time stamp server 420 storage device 430 clock

Claims (4)

A log audit system for auditing logs related to database access,
It consists of a service providing device, log management device, log concealment device, log audit device and time stamp issuing device ,
The service providing apparatus includes a database, and includes means for generating a log and transmitting the log to the log management apparatus when the database is accessed.
The log management device has means for holding a log sent from the service providing device, and a plurality of blocks _mi (i = 1, 2, 3,..., N) when the held log reaches a certain amount. in configured log _{M = {m 1, m 2} , m 3, ..., m n} as, by calculating the respective log M blocks m _i of the hash value _{h i = hash (m i)} , hash list H = {h ₁ , h ₂ , h ₃ ,..., H _n }, means for generating a log digest d by calculating a hash value of the hash list H, and issuing a time stamp for the log digest d Means for transmitting to the apparatus and requesting issuance of a time stamp, means for receiving time information t and time stamp T = Sign _TSA (t‖d) from the time stamp issuing apparatus, the log M and the time information t And timestamp T as the original log Provided with a means that,
When the time stamp issuing device receives the log digest d from the log management device, the time stamp issuing device acquires time information t from the clock mechanism, and for the set of the time digest t and the log digest d received from the log management device, the time stamp t Means for issuing a time stamp T = Sign _TSA (t‖d) by means of a stamp signature key, and means for returning the time information t and the time stamp T to the log management device,
The log concealment device generates means for obtaining the original log (M, t, T) stored by the log management device and sanitization position information P indicating which block of the log M should be sanitized. means for, for each block m _i log M taken out from the original log, on the basis of the sanitizing position information P, the block for sanitizing process, converts the m _i in the hash value h _i h and _i = l _i, the block is not performed sanitizing process, step, while m _i = l _i of m _i, sanitizing log _{L = {l 1, l 2} , l 3, ..., l n} means for generating And means for generating a _sanitizer signature S = Sign _sanitizer (P‖L) with a _sanitizer signature key for the set of the sanitizing position information P and the sanitizing log L, and a time of the original log Information t and time stamp T, and the generated sanitization position information Send the log audit apparatus comprising means for requesting the log audit P and sanitizing log L and sanitizer signature S as disclosed information,
Upon receiving the disclosure information (t, T, P, L, S) from the log concealment device, the log audit device uses the sanitizer verification key to sanitize the sanitizer signature S included in the disclosure information. Means for acquiring position information P and sanitization log L, comparing the sanitization position information P and sanitization log L included in the disclosure information, and verifying the sanitizer signature; The hash list H ′ = {h ₁ ′, h ₂ ′, h ₃ ′,..., H _n ′} is restored from the paint position information P, and the hash value of the hash list H ′ is calculated to obtain the log digest d ′. The time information t and the log digest d are obtained from the time stamp T included in the disclosure information, and the time information t included in the disclosure information and the generated log digest d are obtained using the time stamp verification key. Compared to ′, times Means for verifying the pump, if the sanitizer's signature and time stamp of the verification result is correct, comprising means for carrying out audits of sanitizing untreated portion of the sanitizing log L of the disclosed information,
A log audit system characterized by that. Characterized in log audit system of claim 1, wherein the log management device, the hash value by adding a random number r _i in each block m _i log _{M hi = hash (m i,} r i) calculating a Log audit system.   2. The log audit system according to claim 1, wherein the log management device and the log concealment device are configured by the same device, and include a log M, time information t, time stamp T, sanitized position information P, sanitized log L, A log audit system characterized by sharing means for storing the sanitizer signature S. A log audit method for auditing logs related to database access,
Service providing device, log management device, log concealment device, log audit device and time stamp issuing device ,
When the database is accessed, the service providing device generates the log and sends it to the log management device.
The log management device holds a log sent from the service providing device, and when the held log reaches a certain amount, it is composed of a plurality of blocks _mi (i = 1, 2, 3,..., N). log M = is _{{m 1, m 2, m} 3, ..., m n} as, by calculating the respective log M blocks m _i of the hash value _{h i = hash (m i)} , hash list H = {H ₁ , h ₂ , h ₃ ,..., H _n } are generated, a hash value of the hash list H is calculated to generate a log digest d, and the log digest d is transmitted to the time stamp issuing device. Request a time stamp,
When receiving the log digest d from the log management device, the time stamp issuing device acquires time information t from the clock mechanism, and for the set of the time digest t and the log digest d received from the log management device, A time stamp T = Sign _TSA (t‖d) is issued by the time stamp signature key, and the time information t and the time stamp T are returned to the log management device;
The log management device stores the time information t returned from the time stamp issuing device and the time stamp T = sign _TSA (t‖d) in storage means,
The log concealment device acquires the original log (M, t, T) from the storage unit, generates sanitizing position information P indicating which block of the log M should be sanitized, and the original log for each block m _i log M taken out from, based on the sanitizing position information P, the block for sanitizing process, and h _i = l _i converts the m _i in the hash value h _i, black block is not performed coating process, step, while m _i = l _i of m _i, sanitizing log _{L = {l 1, l 2} , l 3, ..., l n} generates, said sanitizing position information P A _sanitizer signature S = Sign _sanitizer (P‖L) is generated for the set of the sanitization log L by using the sanitizer signature key, and the time information t and time stamp T of the original log are further generated. Disclosure information about sanitization position information P, sanitization log L, and sanitizer signature S And send it to log audit system to request a log audit as,
Upon receiving the disclosure information (t, T, P, L, S) from the log concealment device, the log audit device uses the sanitizer verification key to sanitize the sanitizer signature S included in the disclosure information. The position information P and the sanitization log L are acquired, and compared with the sanitization position information P and the sanitization log L included in the disclosure information, the sanitizer signature is verified. The hash list H ′ = {h ₁ ′, h ₂ ′, h ₃ ′,..., H _n ′} is restored from the paint position information P, and the hash value of the hash list H ′ is calculated to obtain the log digest d ′. And using the time stamp verification key to obtain time information t and log digest d from time stamp T included in the disclosure information, and time information t included in the disclosure information and the generated log digest d ′ Compare and detect timestamp And, if the sanitizer's signature and time stamp of the verification result is correct, to conduct an audit for sanitizing untreated portion of the sanitizing log L of the disclosed information,
A log audit method characterized by the above.

Images