Ideally, audit trail logs should show the order in which access events occur. In a distributed system it is not obvious how to guarantee the exact sequence of events that occur across the network, but it is relatively easy to cryptographically chain a given access event on a single server to the previous event on that server. This can be accomplished by cryptographically hashing the previous event, combining this with the current event, and hashing the result as the input to the next event.
The chaining of events across multiple servers can be accomplished by having a single timestamp server that everyone contacts to get their events sequenced. It does not take much imagination to see that this technique will soon become unwieldy when it is used to timestamp for every small auditable event. Timestamping across distributed networks is probably best accomplished by the use of a proprietary technique discovered by Stuart Haber and Scott Stornetta at Bellcore , . They designed a method in which messages are hashed together across different machines in a tree-like structure, producing common hash values that closely link the sequence of events between different legs of the tree. Bellcore created a new company called Surety Technologies to develop this technoloy. Information is available about their services on the Internet at http://www.surety.com.
An important aspect of digital signatures is their temporal characteristics. Certificates for public keys generally have an expiration date, at which point the user needs to have a new certificate issued. There are several good security-related reasons to do this, as well as policy reasons. One of these is the fact that the ability of a user to generate a certain kind of signatures is often tied to their professional certification. For example, a physician has to be certified to practice in a given state, and their ability to sign prescriptions or reports is generally tied to their continued certification. It is natural to tie the certification of their signing keys to their certification in the role that they play in the system.
In order for digital signatures to provide any form of nonrepudiation, it is a good idea to have them incorporate timestamp information. The reason for this is that if a user chooses to repudiate their signatures (say on the basis of arguing that their secret key was compromised), then they should not have complete freedom to repudiate individual signatures. In addition, if it is discovered at some time that a user's secret key was compromised, then it may be necessary to issue a revocation of signatures generated after that date.