locked
Immutable storage proof / evidence RRS feed

  • Question

  • Azure provide nice feature Immutable storage (https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage). This is great feature but in my case I need to be able to provide external user validation website. 

    For instance on a page user will see link how to download document and blob storage link, then I want to provide instruction how to make sure that this document was not modified and most important this service must be outside of my app. 

    So my question is does azure provide any way to validate that immutable storage was not modified and date of creation? 

    Tuesday, May 28, 2019 6:13 AM

All replies

  • Apologies for the delayed response!

    Could you elaborate on this? 

    "but in my case I need to be able to provide external user validation website. For instance on a page user will see link how to download document and blob storage link, then I want to provide instruction how to make sure that this document was not modified and most important this service must be outside of my app. "

    Immutable state that ensures they are non-erasable and non-modifiable for a specific retention interval through configurable policies, users can keep Azure Blob storage data in an immutable state where Blobs can be created and read, but not modified or deleted.

    You may also refer the article here for more details.

    You can enable storage logging using the Azure portal as shown below. These logs enable you to see details of read, write, and delete operations against your Azure tables, queues, and blobs. For more information you can check the following guide here.

    You should collect logging information from your storage account and use the log data to determine information such as when a client updated an object or who deleted a specific object. You should set the retention period long enough to allow you time to identify a potential issue through monitoring or from user reports, and then to download the relevant log data for analysis. Hope this helps you!

    Kindly, let us know if you need any further assistance on this.


    MSDN

    Wednesday, May 29, 2019 5:31 PM
  • Its all good but. 

    What you've described wont work for me since report will come from my platform and without proper audit of code you can trust platform. 

     Let me explain.

    I am building platform where adjudicators put some score, and usually people say well we don't trust software because you can modify scores. So what I thought to do, as soon as scores are saved, save report for each adjudicator to immutable store, provide link to download score report, and provide a way to validate that that report is not modified and saved at specific time. 

    I thought that on Microsoft side there is way if user provide link to report stored in immutable blob then you guys can provide report, and basically your report is what users can trust.

    Thursday, May 30, 2019 3:41 AM
  • Could you please answer?
    Thursday, June 6, 2019 1:37 PM
  • Apologies for the delayed response!

    Currently we don't have this feature for storage account based on your scenario. you can create a feedback item on Azure storage UserVoice forum and upvote for this feature.All the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.


    Tuesday, June 11, 2019 6:38 AM