Authentic Time-Stamps for Archival Storage

  • Alina Oprea
  • Kevin D. Bowers
Conference paper

DOI: 10.1007/978-3-642-04444-1_9

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)
Cite this paper as:
Oprea A., Bowers K.D. (2009) Authentic Time-Stamps for Archival Storage. In: Backes M., Ning P. (eds) Computer Security – ESORICS 2009. ESORICS 2009. Lecture Notes in Computer Science, vol 5789. Springer, Berlin, Heidelberg

Abstract

We study the problem of authenticating the content and creation time of documents generated by an organization and retained in archival storage. Recent regulations (e.g., the Sarbanes-Oxley act and the Securities and Exchange Commission rule) mandate secure retention of important business records for several years. We provide a mechanism to authenticate bulk repositories of archived documents. In our approach, a space efficient local data structure encapsulates a full document repository in a short (e.g., 32-byte) digest. Periodically registered with a trusted party, these commitments enable compact proofs of both document creation time and content integrity. The data structure, an append-only persistent authenticated dictionary, allows for efficient proofs of existence and non-existence, improving on state-of-the-art techniques. We confirm through an experimental evaluation with the Enron email corpus its feasibility in practice.

Keywords

time-stamping regulatory compliance archival storage authenticated data structures 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Alina Oprea
    • 1
  • Kevin D. Bowers
    • 1
  1. 1.RSA LaboratoriesCambridgeUSA

Personalised recommendations