The HammerServer is a networked process where one can send arbitrary data for storage. The data can of course later be retrieved. But wait, this is not just a "remote database". The HammerServer makes sure that the data aren't tampered with, by signing the data upon insertion, and by verifying the signature upon retrieval. The HammerServer is hence an "audit server" where confidential data can be offloaded, so that the risk of tampering is reduced.

From the introduction document: An application needs to create a copy of data that may not be tampered with. An example is a payment which is about to be processed. In order to avoid data tampering by internal staff, a copy of the relevant data is sent to the HammerServer. The HammerServer sends back a key that uniquely identifies the data. At a certain time, the application will want to re-verify that its payment data are still valid, e.g., right before sending the payment request to the financial clearinghouse. The application uses the key that it obtained from the HammerServer during insertion, and retrieves the copy. If the copy is the same as the app's own data, then there was no tampering. Otherwise, something's afoot - the data was maybe tampered with in the application's database, or data corruption occurred. In any case, the application can be sure that the HammerServer's data is the correct version. And in case the HammerServer's own database is compromised, then the HammerServer will warn about this.
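The insert, retrieve and compare flow described above, as an added example that is not HammerServer code. HMAC-SHA256, the in-memory store and all names (`AuditStore`, `TamperedError`, `payment_still_valid`) are assumptions, since the page does not say how the server signs or stores data.

```python
import hashlib
import hmac
import secrets

class TamperedError(Exception):
    """Stored record no longer matches its signature."""

class AuditStore:
    """In-memory stand-in for the server: sign on insert, verify on retrieve."""
    def __init__(self, signing_key: bytes):
        self._signing_key = signing_key
        self._records = {}  # record key -> (data, signature)

    def _sign(self, record_key: str, data: bytes) -> bytes:
        # Assumption: HMAC-SHA256 stands in for the unspecified signature scheme.
        # The record key is part of the MAC, so a valid pair cannot be moved to another key.
        msg = record_key.encode() + b"\x00" + data
        return hmac.new(self._signing_key, msg, hashlib.sha256).digest()

    def insert(self, data: bytes) -> str:
        record_key = secrets.token_hex(16)
        self._records[record_key] = (data, self._sign(record_key, data))
        return record_key

    def retrieve(self, record_key: str) -> bytes:
        data, signature = self._records[record_key]
        if not hmac.compare_digest(signature, self._sign(record_key, data)):
            raise TamperedError(f"record {record_key} failed signature check")
        return data

def payment_still_valid(store, record_key, local_copy: bytes) -> bool:
    """Application-side check before the payment is sent onwards."""
    return hmac.compare_digest(store.retrieve(record_key), local_copy)

def demo():
    store = AuditStore(secrets.token_bytes(32))
    payment = b"pay 100.00 EUR to account 12345"  # constructed sample data
    forged = b"pay 900.00 EUR to account 99999"   # constructed sample data
    key = store.insert(payment)
    results = [payment_still_valid(store, key, payment),  # app data untouched
               payment_still_valid(store, key, forged)]   # app database altered
    # Simulate an edit made directly in the store's own database.
    store._records[key] = (forged, store._records[key][1])
    try:
        store.retrieve(key)
        results.append("no warning")
    except TamperedError:
        results.append("warned")
    return results
```

Calling `demo()` runs the three cases from the text: unchanged application data, altered application data, and an altered server database.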

As ever, feedback welcome.