Blockchain as an Audit-Able Communication Channel

Shigeya Suzuki, Jun Murai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

8 Citations (Scopus)

Abstract

Applications requiring strict access control, such as medical record query, often require auditing of the query. The current typical design relies on server side logging. However, logging on server-side do not provide strict means of auditing, since the server can be tampered with attackers, and also anybody who has permission to write can modify the log. We propose a scheme using blockchain technology, as a request-response channel for a client-server system, to record both client request and server reply in an audi-table manner. We have implemented a proof-of-concept system on top of a publicly available blockchain testbed. By using a blockchain as a client-server request-response channel, the request-response sequence can be verified by anybody who has access to the blockchain, providing a way to implement audit log for strictly controlled resources.

Original languageEnglish
Title of host publicationProceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017
PublisherIEEE Computer Society
Pages516-522
Number of pages7
Volume2
ISBN (Electronic)9781538603673
DOIs
Publication statusPublished - 2017 Sep 7
Event41st IEEE Annual Computer Software and Applications Conference Workshops, COMPSAC 2017 - Torino, Italy
Duration: 2017 Jul 42017 Jul 8

Other

Other41st IEEE Annual Computer Software and Applications Conference Workshops, COMPSAC 2017
CountryItaly
CityTorino
Period17/7/417/7/8

Fingerprint

Servers
Testbeds
Access control
Computer systems

Keywords

  • audit
  • blockchain
  • secure logging

ASJC Scopus subject areas

  • Software
  • Computer Science Applications

Cite this

Suzuki, S., & Murai, J. (2017). Blockchain as an Audit-Able Communication Channel. In Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017 (Vol. 2, pp. 516-522). [8029983] IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2017.72

Blockchain as an Audit-Able Communication Channel. / Suzuki, Shigeya; Murai, Jun.

Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017. Vol. 2 IEEE Computer Society, 2017. p. 516-522 8029983.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Suzuki, S & Murai, J 2017, Blockchain as an Audit-Able Communication Channel. in Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017. vol. 2, 8029983, IEEE Computer Society, pp. 516-522, 41st IEEE Annual Computer Software and Applications Conference Workshops, COMPSAC 2017, Torino, Italy, 17/7/4. https://doi.org/10.1109/COMPSAC.2017.72
Suzuki S, Murai J. Blockchain as an Audit-Able Communication Channel. In Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017. Vol. 2. IEEE Computer Society. 2017. p. 516-522. 8029983 https://doi.org/10.1109/COMPSAC.2017.72
Suzuki, Shigeya ; Murai, Jun. / Blockchain as an Audit-Able Communication Channel. Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017. Vol. 2 IEEE Computer Society, 2017. pp. 516-522
@inproceedings{a1c88e1b47664fe98843124acb4056a0,
title = "Blockchain as an Audit-Able Communication Channel",
abstract = "Applications requiring strict access control, such as medical record query, often require auditing of the query. The current typical design relies on server side logging. However, logging on server-side do not provide strict means of auditing, since the server can be tampered with attackers, and also anybody who has permission to write can modify the log. We propose a scheme using blockchain technology, as a request-response channel for a client-server system, to record both client request and server reply in an audi-table manner. We have implemented a proof-of-concept system on top of a publicly available blockchain testbed. By using a blockchain as a client-server request-response channel, the request-response sequence can be verified by anybody who has access to the blockchain, providing a way to implement audit log for strictly controlled resources.",
keywords = "audit, blockchain, secure logging",
author = "Shigeya Suzuki and Jun Murai",
year = "2017",
month = "9",
day = "7",
doi = "10.1109/COMPSAC.2017.72",
language = "English",
volume = "2",
pages = "516--522",
booktitle = "Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017",
publisher = "IEEE Computer Society",

}

TY - GEN

T1 - Blockchain as an Audit-Able Communication Channel

AU - Suzuki, Shigeya

AU - Murai, Jun

PY - 2017/9/7

Y1 - 2017/9/7

N2 - Applications requiring strict access control, such as medical record query, often require auditing of the query. The current typical design relies on server side logging. However, logging on server-side do not provide strict means of auditing, since the server can be tampered with attackers, and also anybody who has permission to write can modify the log. We propose a scheme using blockchain technology, as a request-response channel for a client-server system, to record both client request and server reply in an audi-table manner. We have implemented a proof-of-concept system on top of a publicly available blockchain testbed. By using a blockchain as a client-server request-response channel, the request-response sequence can be verified by anybody who has access to the blockchain, providing a way to implement audit log for strictly controlled resources.

AB - Applications requiring strict access control, such as medical record query, often require auditing of the query. The current typical design relies on server side logging. However, logging on server-side do not provide strict means of auditing, since the server can be tampered with attackers, and also anybody who has permission to write can modify the log. We propose a scheme using blockchain technology, as a request-response channel for a client-server system, to record both client request and server reply in an audi-table manner. We have implemented a proof-of-concept system on top of a publicly available blockchain testbed. By using a blockchain as a client-server request-response channel, the request-response sequence can be verified by anybody who has access to the blockchain, providing a way to implement audit log for strictly controlled resources.

KW - audit

KW - blockchain

KW - secure logging

UR - http://www.scopus.com/inward/record.url?scp=85032867530&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032867530&partnerID=8YFLogxK

U2 - 10.1109/COMPSAC.2017.72

DO - 10.1109/COMPSAC.2017.72

M3 - Conference contribution

AN - SCOPUS:85032867530

VL - 2

SP - 516

EP - 522

BT - Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference Workshops, COMPSAC 2017

PB - IEEE Computer Society

ER -