Guardtime has launched a strategic cooperation with the Estonian Ministry of Interior’s IT and Development Centre (SMIT) to provide independent mathematical verifiability for audit trails. SMIT operates Estonia’s information systems for rescue, police and border guard and manages the country’s tie-ins to EU information systems like the Schengen Information System, EURODAC and VIS. 

Last year, 158 ​​legal proceedings against civil servants in Germany were underway due to misuse of their service databases [1]. Similarly, 237 UK police force staff members were punished for violating their service IT systems [2]. These cases highlight the vulnerability of digital databases and need to allocate substantially greater effort to detect misconduct that only increases in difficulty with the growth in the volume of data and new distributed workflows which are being run outside of enterprise perimeters.

These challenges create a growing need for analysing system logs and securing the integrity of audit trails that record who performs what activity and how the information system responds. This plays an important part of any industry’s overall information governance strategy. Maintaining the integrity of audit trails is vital in order to evoke and enforce societal trust but also to mitigate against negative influences and to protect an organization from liability during legal challenges.

Guardtime Truetrail is a new audit trail management solution for proving the integrity and ensuring the validity and accuracy of audit logs. TrueTrail detects any unauthorized changes and ensures that audit trails can be presented as evidence with independently verifiable proof. 

SMIT bears the responsibility for helping rescuers, police officers, and emergency staff prevent accidents and save lives. As such the ICT services provided by SMIT must be irrefutable at all times. Logs from various SMIT information systems serve as evidence in court and provide the certainty that the information in the audit logs has not been altered is vital prerequisite to their use, as any alleged misuse of state’s databases must be supported with indisputable evidence. Truetrail technology supplies SMIT's audit logs with mathematical proof showing that the logs presented are correct.

Head of Information Security Department at SMIT, Uko Valtenberg states:

Our job in SMIT does not solely require assuring security of mission-critical services but also preventing their misuse and enforcing accountability. Our cooperation with Guardtime provides us the indisputable evidence about the use of our system - or simply put - with the Truetrail solution we can definitively prove who did what and when.
Truetrail is built on the KSI Blockchain, deployed in production by Estonian e-government since 2012. This provides certain unique benefits for audit logs:
  • independent verifiability and indefinite validity,
  • compliance to regulatory requirements,
  • proof of the time and integrity of the events, as well as proving that events are in the correct order and none have been deleted;
  • 100% data privacy - only hashes of data are processed, customer data is not ingested.
Truetrail registers every event (every log line, every database entry, etc) on the KSI Blockchain while assuring the integrity by constant re-verification of registered events. The key technical challenge with securing log streams is the lack of clearly defined batches. Truetrail builds virtual batches of messages on the fly and aggregates them locally to be registered on the blockchain. It is then able to retrieve the messages in the right order for verification and proof extraction. Targeted platform includes Apache Kafka, Apache Avro, Hashicorp stack, Docker, Amazon S3 object storage etc.

Ivo Lõhmus, Product Manager at Guardtime concludes:
As a result of the Truetrail implementation project we will be assuring proof value of audit log messages of thousands of services in a highly distributed environment. The project is currently in the implementation phase and we expect to reach full-scale production deployment before the end of the year.

Discover more and get in touch: https://guardtime.com/truetrail

Guardtime’s development of the TrueTrail solution is supported by European Union’s Horizon 2020 research and innovation programme.

____________________________________________________________________________________________________
[1] https://www.spiegel.de/panorama/justiz/datenschutz-familie-freunde-nachbarn-wie-polizisten-ihr-umfeld-ausspionieren-a-1294411.html
[2] https://www.theregister.com/2019/11/11/police_database_security/