摘要 |
A method of detecting unauthorized activity in an electronic message transfer system comprising a plurality of devices, each device being configured to generate and receive cryptographically secured transfer messages for exchanging content with other devices in the system. In each device, audit information is accumulated in a memory of the device. The device periodically forwards at least part of its accumulated audit information to a secure server. |