我如何向外部方证明数据文件未被篡改? [英] How can I prove to an outside party that a data file hasn't been tampered with?
问题描述
我们有一个基于C#的Web服务,可以接收来自政治组织的具有法律约束力的文件。
We have a C#-based web service that receives documents from political organizations which are legally binding documents.
当前,我们向文件提供者提供收据,其中包含接收到的文件的校验和,因此我们可以在稍后的时间向文件提交人证明我们系统中存储的文件与原始提交的文件相匹配。收据将作为电子邮件发送给申报人。
Currently, we provide a receipt to the filer which contains a checksum of the file received, so we can prove to the filer at a later point in time that the file stored in our system matches their original submission. The receipt is sent as an e-mail to the filer.
但是,我们无法向第三方审计师证明文件和校验和存储在我们的系统中从未改变过(即恶意的DBA可以更改校验和值以匹配某些伪造的替换文档的内容)。
However, we can't prove to a third-party auditor that the file and checksum stored in our system have never changed (i.e. a malicious DBA could change the checksum value to match the content of some bogus replacement document).
我目前在考虑写-只有在云中某个地方托管的日志文件(大概是由第三方审计师认为相当可信赖的提供商,例如AWS)才能记录每个文件ID和校验和。理想情况下,此远程日志文件的行为就像是老式的会计日记帐一样-您只能用钢笔书写,因此您永远无法擦除上一个条目!
I'm currently thinking in terms of a write-only "log file" hosted out in the cloud somewhere (presumably with a provider that the third-party auditor would find reasonably trustworthy, like AWS) that we can record each filing id and checksum as they happen. Ideally this remote log file would behave like an old-school accounting journal -- you only write in pen, so you can never erase a previous entry!
另一种选择可能是将那些电子邮件回执发送给第三方电子邮件存档提供商? (我们的消息历史记录的数量很小,可能不值得与存档提供商进行对话)。
Another option might be to send those e-mail receipts to a third-party e-mail archive provider? (the volume of our message history is so small, this may not be worth the conversation with an archive provider)
有人建议吗?
推荐答案
对双方而言,最安全的解决方案是让您的客户使用有效的密码证书对提交的内容进行签名,以便他们可以进行合理的验证
The safest solution for both parties would be to have your clients to sign their submissions with a valid cryptographic certificate, so that they can verify beyond any reasonable doubt that the submissions haven't been tampered with.
还有一些方法可以对C#中的内容进行程序签名和验证,这可以使您对此有所了解: http://blogs.msdn.com/b/alejacma/archive/2008/06/25/how-to-sign-and-verify-the-signature-with-net-and-a -certificate-c.aspx?PageIndex = 1
There are also ways to procedurally sign and verify those in C#, this could give you an idea about it: http://blogs.msdn.com/b/alejacma/archive/2008/06/25/how-to-sign-and-verify-the-signature-with-net-and-a-certificate-c.aspx?PageIndex=1
这篇关于我如何向外部方证明数据文件未被篡改?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
