Continuous Tamper-proof Logging using TPM2.0 (CMU-CyLab-13-008)
نویسندگان
چکیده
Auditing system logs is an important means of ensuring systems’ security in situations where run-time security mechanisms are not sufficient to completely prevent potentially malicious activities. A fundamental requirement for reliable auditing is the integrity of the log entries. This paper presents an infrastructure for secure logging that is capable of detecting the tampering of logs by powerful adversaries residing on the device where logs are generated. We rely on novel features of trusted hardware (TPM) to ensure the continuity of the logging infrastructure across power cycles without help from a remote server. Our infrastructure also addresses practical concerns including how to handle high-frequency log updates, how to conserve disk space for storing logs, and how to efficiently verify an arbitrary subset of the log. Importantly, we formally state the tamper-proofness guarantee of our infrastructure and verify that our basic secure logging protocol provides the desired guarantee. To demonstrate that our infrastructure is practical, we implement a prototype and evaluate its performance.
منابع مشابه
A new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کاملContinuous Tamper-Proof Logging Using TPM 2.0
Auditing system logs is an important means of ensuring systems’ security in situations where run-time security mechanisms are not sufficient to completely prevent potentially malicious activities. A fundamental requirement for reliable auditing is the integrity of the log entries. This paper presents an infrastructure for secure logging that is capable of detecting the tampering of logs by powe...
متن کاملPrivacy Policy Specification and Audit in a Fixed-Point Logic - How to enforce HIPAA, GLBA and all that (CMU-CyLab-10-008)
Organizations such as hospitals and banks that collect and use personal information are required tocomply with privacy regulations like the Health Insurance Portability and Accountability Act (HIPAA)and the Gramm-Leach-Bliley Act (GLBA). With the goal of specification and enforcement of such prac-tical policies, we develop the logic PrivacyLFP, whose syntax is an extension of the fi...
متن کاملSecure Audit Logging with Tamper-Resistant Hardware
Secure perimeter schemes (e.g. DRM) and tracing traitor schemes (e.g. watermarking, audit logging) strive to mitigate the problems of content escaping the control of the rights holder. Secure audit logging records the user’s actions on content and enables detection of some forms of tampering with the logs. We implement Schneier and Kelsey’s secure audit logging protocol [1], strengthening the p...
متن کامل