On the Confidential Auditing of Distributed Computing Systems
In this paper, we propose a confidential logging and auditing service for distributed information systems. We propose a cluster-based TTP (trusted third party) architecture for the event log auditing services, so that no single TTP node can have full knowledge of the logs, and thus no single node can misuse the log information without being detected. On the basis of a relaxed form of secure distributed computing paradigms, one can implement a confidential auditing service so that the auditor can retrieve certain aggregated system information, e.g., the number of transactions, the total volume, the event traces, etc., without having to access the full log data. Similar to the peer relationship of routers that provide global network routing services, the mutually supported, mutually monitored cluster TTP architecture allows independent systems to collaborate in network-wide auditing without compromising their private information.
author list (cited authors)
Shen, Y., Lam, T. C., Liu, J., & Zhao, W.