Presentation is loading. Please wait.

Presentation is loading. Please wait.

ACE – Auditing Control Environment

Published byEduardo López Modified over 5 years ago

Similar presentations

Presentation on theme: "ACE – Auditing Control Environment"— Presentation transcript:

1 ACE – Auditing Control Environment
University of Maryland Institute for Advanced Computer Studies

2 Digital Objects: Properties
Mutable Sensitive to accidental changes One bit change can destroy an entire file No storage medium is safe forever Unpredictable Never moved, always copied

3 Risks in Archiving Malicious changes Corruption Hardware faults
Software faults Authenticity Failure recognition window

4 Detecting Changes How do we ensure a file has not changed over time?
Compare against another copy? Expensive operation No guarantee which is correct Solution: Secure Cryptographic Hashing

5 Hashing 101 Entire file run through an algorithm to generate a fixed size, but large number. Dogs and Shakespeare Large number is the hash value Later, rerun the algorithm and compare hash values Secure hashing is a one-way operation Passwords Unsecure hash example: divide by 10

6 Simple Solution Store hash values with the files? Problems:
Easy to change one? Can change both… Unauthorized additions, deletions

7 ACE IMS: Integrity Management Server 3rd-party service
Present hash values, issued tokens Timestamps Validation through IMS Round aggregation Witness values published

8 ACE AM: Audit Manager Registers data holdings Holds issued tokens
Audits files on a periodic basis Three layers of checking File hash against token Token against IMS record IMS Witness challenge

Download ppt "ACE – Auditing Control Environment"

Similar presentations

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.

Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.
Audit Control Environment Mike Smorul UMIACS. Issues surrounding asserting integrity Threats to Integrity of Digital Archives –Hardware/media degradation.

Audit Control Environment Mike Smorul UMIACS. Issues surrounding asserting integrity Threats to Integrity of Digital Archives –Hardware/media degradation.
GRAD 521, Research Data Management Winter 2014 – Lecture 7 Amanda L. Whitmire, Asst. Professor.

GRAD 521, Research Data Management Winter 2014 – Lecture 7 Amanda L. Whitmire, Asst. Professor.
Software Certification and Attestation Rajat Moona Director General, C-DAC.

Software Certification and Attestation Rajat Moona Director General, C-DAC.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Www.nordic-backup.com The Ultimate Backup Solution.

The Ultimate Backup Solution.
Chronopolis: Preserving Our Digital Heritage David Minor UC San Diego San Diego Supercomputer Center.

Chronopolis: Preserving Our Digital Heritage David Minor UC San Diego San Diego Supercomputer Center.
ADAPT An Approach to Digital Archiving and Preservation Technology Principal Investigator: Joseph JaJa Lead Programmers: Mike Smorul and Mike McGann Graduate.

ADAPT An Approach to Digital Archiving and Preservation Technology Principal Investigator: Joseph JaJa Lead Programmers: Mike Smorul and Mike McGann Graduate.
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.

Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,

Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,
ACE: A Software Tool to Ensure the Integrity of Digital Archives Principal Investigator: Joseph JaJa Graduate Student: Sangchul Song Lead Programmer: Michael.

ACE: A Software Tool to Ensure the Integrity of Digital Archives Principal Investigator: Joseph JaJa Graduate Student: Sangchul Song Lead Programmer: Michael.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.

Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
May 23, 2007 Archiving 2007 1 ACE: A Novel Software Platform to Ensure the Integrity of Digital Archives Sangchul Song and Joseph JaJa Institute for Advanced.

May 23, 2007 Archiving ACE: A Novel Software Platform to Ensure the Integrity of Digital Archives Sangchul Song and Joseph JaJa Institute for Advanced.
Robust Technologies for Automated Ingestion and Long-Term Preservation of Digital Information Principal Investigator: Joseph JaJa Lead Programmers: Mike.

Robust Technologies for Automated Ingestion and Long-Term Preservation of Digital Information Principal Investigator: Joseph JaJa Lead Programmers: Mike.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
SSH Secure Login Connections over the Internet

SSH Secure Login Connections over the Internet

Similar presentations

Ads by Google