0

I'm writing SEC complaint (section 17-a4) data protection file system application which needs to write protect the file till the protection expires. Before allowing modification on a file/directory, the application needs to determine the correct current time which is tolerant to altered system time, fake NTP servers, man-in-middle attacks when reading time from secured NTP servers or other general threats. The system won't be SEC compliant as someone can alter the system clock to make the protected file look expired and then deleting it.

So far, I have thought about generating quorum after reading from various secure NTP servers. Other approach is to use own implementation of compliance clock which can't be modified by anyone. The downside of this approach is that such clock won't be reliable across geo-distributed nodes.

I wish someone could help me knowing about prior work done on this problem or other approaches, thank you.

Vishal Sahu
  • 650
  • 12
  • 23
  • I've read https://stackoverflow.com/questions/2510649/how-to-make-my-java-app-get-global-time-from-some-online-clock , https://stackoverflow.com/questions/2817475/java-get-current-date-and-time-from-server-not-system-clock and other posts. – Vishal Sahu Jun 05 '18 at 21:38
  • What is the purpose? Who would want to change time? There is almost certainly no point in querying multiple ntp servers. – Gabor Lengyel Jun 06 '18 at 08:01
  • We have data which should be retained for particular time period. The system clock can be altered to force data to expire early and hence getting deleted. To enforce, we want a clock which always gives us correct UTC time - network delays. The evaluation agencies don't trust all NTP servers. Some one with wrong time can pretend to be NTP server / overwrite my genuine response. Hence I wanted to query multiple NTP servers. If this clarifies the purpose of question, please remove the down vote if you've given it. – Vishal Sahu Jun 06 '18 at 19:40
  • I did not downvote, I actually think this is a good and interesting question, so here goes an upvote. :) Though the question still lacks detail. What kind of application is this? A web app where browsers talk to webservers, a client-server app with a thick client, a desktop app, something else? Where in the architecture is the data stored (that should be retained)? Who is the adversary that would be interested in changing the time, is it some kind of an audit log for example that a user would want to delete by setting a future time where it is not retained anymore? – Gabor Lengyel Jun 06 '18 at 20:21

0 Answers0