


HammerServer

The HammerServer is a networked process to which one can send arbitrary data for storage. The data can of course be retrieved later. But wait, this is not just a "remote database". The HammerServer makes sure that the data aren't tampered with, by signing the data upon insertion and by verifying the signature upon retrieval. The HammerServer is hence an "audit server" to which confidential data can be offloaded, so that the risk of tampering is reduced.

From the introduction document: An application needs to create a copy of data that may not be tampered with. An example is a payment which is about to be processed. In order to avoid data tampering by internal staff, a copy of the relevant data is sent to the HammerServer. The HammerServer sends back a key that uniquely identifies the data. At a certain time, the application will want to re-verify that its payment data are still valid, e.g., right before sending the payment request to the financial clearinghouse. The application uses the key that it obtained from the HammerServer during insertion, and retrieves the copy. If the copy is the same as the app's own data, then there was no tampering. Otherwise, something's afoot - the data was maybe tampered with in the application's database, or data corruption occurred. In any case, the application can be sure that the HammerServer's data is the correct version. And in case the HammerServer's own database is compromised, then the HammerServer will warn about this.
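
The insert, retrieve and compare cycle described above, as an added example that is not HammerServer's own code or wire protocol. The names `AuditStore` and `check_before_use`, the in-memory storage and the use of HMAC-SHA256 as the signature are assumptions; the page does not say how HammerServer signs its records.

```python
import hashlib
import hmac
import secrets

class StoreTampered(Exception):
    """The stored record no longer matches its signature."""

class AuditStore:
    """In-memory stand-in for the audit server (hypothetical, not HammerServer code)."""
    def __init__(self, signing_key: bytes):
        self._signing_key = signing_key
        self._records = {}  # record key -> (data, signature)

    def _sign(self, key: str, data: bytes) -> bytes:
        # Assumption: HMAC-SHA256; the key is bound in so records cannot be swapped.
        msg = key.encode() + b"\x00" + data
        return hmac.new(self._signing_key, msg, hashlib.sha256).digest()

    def insert(self, data: bytes) -> str:
        key = secrets.token_hex(16)  # identifier handed back to the application
        self._records[key] = (data, self._sign(key, data))
        return key

    def retrieve(self, key: str) -> bytes:
        data, signature = self._records[key]
        if not hmac.compare_digest(signature, self._sign(key, data)):
            raise StoreTampered(key)
        return data

def check_before_use(store, key, app_data):
    """Application-side check, e.g. right before sending a payment request."""
    try:
        reference = store.retrieve(key)
    except StoreTampered:
        return "audit-store-compromised"
    return "ok" if hmac.compare_digest(reference, app_data) else "app-data-tampered"

def demo():
    store = AuditStore(secrets.token_bytes(32))
    payment = b"pay 100.00 EUR to account A"  # constructed sample record
    key = store.insert(payment)
    results = [check_before_use(store, key, payment),
               check_before_use(store, key, b"pay 100.00 EUR to account B")]
    # Simulate an edit made directly in the audit store's own database.
    store._records[key] = (b"pay 999.00 EUR to account B", store._records[key][1])
    results.append(check_before_use(store, key, b"pay 999.00 EUR to account B"))
    return results

if __name__ == "__main__":
    print(demo())
```

The third case shows why the store signs its records: the application's copy and the stored copy agree, yet the stored record fails its own signature check, so the match is not trusted.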

As ever, feedback welcome.