Critical records, such as business communications, financial statements and medical images, are increasingly being stored in electronic form, which makes them relatively easy to clandestinely destroy and modify. Ensuring that records are not only readily accessible and accurate, but also credible and irrefutable, is particularly imperative given recent legal and regulatory trends. The
US alone currently more than 10,000 such regulations (e.g. Sarbanes-Oxley Act, SEC Rule 17a-3/4, HIPPA, DOD 5015.2). The
key focus of many of these regulations is to ensure that records are trustworthy.
Given the extremely high stakes that could be involved in tampering with the records, the threat of intentional and inside attacks is very real. Under this threat model, the current practice of maintaining records in Write Once Read Many (WORM) storage is increasingly inadequate to ensure that the records are trustworthy, i.e. able to provide solid proof and accurate details of past events. For example, with the large volume of records and short query response time typical today, the records have to be indexed, but traditional indexing methods allow records, even those stored in WORM storage, to be effectively (logically) altered and deleted by an insider adversary. Moreover, many records have long retention periods, requiring them to be periodically migrated to new storage systems, which makes them vulnerable. The aim of this project is to develop a holistic approach to electronic record-keeping.