Start Blogaria Bored bsgen cconf Cookies Dialwhatever dnspb fch
HammerServer jpeginfo kalk Lectures Microproxy msc Nasapics Off The Grid PGPkey Posters SafeEdit Simple listserv syscheck Wallpapers
A little movie
An animation can't be properly rendered. You have probably a too old version of Flash player.
An animation can't be properly rendered. You have probably a too old version of Flash player.
HammerServer
The HammerServer is a networked process where one can send arbitrary
data for storage. The data can of course later be retrieved. But wait,
this is not just a "remote database". The HammerServer makes sure
that the data aren't tampered, by signing the data upon insertion, and
by verifying the signature upon retrieval. The HammerServer is hence
an "audit server" where confidential data can be offloaded, so that
the risk of tampering is reduced.
From the introduction document: An application needs to create
a copy data that may not be tampered. An example is a payment which is
about to be processed. In order to avoid data tampering by internal
staff, a copy of the relevant data is sent to the HammerServer. The
HammerServer sends back a key that uniquely identifies the data. At a
certain time, the application will want to re-verify that its payment
data are still valid, e.g., right before sending the payment request
to the financial clearinghouse. The application uses the key that it
obtained from the HammerServer during insertion, and retrieves the
copy. If the copy is the same as the app's own data, then there was no
tampering. Otherwise, something's afoot - the data was maybe tampered
with in the application's database, or data corruption occurred. In
any case, the application can be sure that the HammerServer's data is
the correct version. And incase the HammerServer's own database is
compromised, then the HammerServer will warn about this.
- The HammerServer can be downloaded as a tar.gz archive. All sources, modules, documentation etc. are contained in the archive.
- You can also read the documetation online to see what the hammerserver's all about, and what you might want to do with it.