Forward Integrity For Secure Audit Logs
نویسندگان
چکیده
In this paper, we de ne the forward integrity security property, motivate its appropriateness as a systems security requirement, and demonstrate designs that achieve this property. Applications include secure audit logs (e.g., syslogd data) for intrusion detection or accountability, communications security, and authenticating partial results of computation for mobile agents. We prove security theorems on our forward integrity message authentication scheme, and discuss the secure audit log application in detail.
منابع مشابه
BAFi: a practical cryptographic secure audit logging scheme for digital forensics
Audit logs provide information about historical states of computer systems. They also contain highly valuable data that can be used by law enforcement in forensic investigations. Thus, ensuring the authenticity and integrity of audit logs is of vital importance. An ideal security mechanism for audit logging must also satisfy security properties such as forwardsecurity (compromise resiliency), c...
متن کاملEfficient, Compromise Resilient and Append-only Cryptographic Constructions for Digital Forensics
Due to the forensic value of the audit logs, it is vital to provide forwardsecure integrity and append-only properties in a logging system to prevent attackers who have gained control of the system from modifying or selectively deleting log entries generated before they took control. Existing forward-secure logging solutions are either based on symmetric cryptography or public key cryptography ...
متن کاملTamper Detection in Audit Logs
Audit logs are considered good practice for business systems, and are required by federal regulations for secure systems, drug approval data, medical information disclosure, financial records, and electronic voting. Given the central role of audit logs, it is critical that they are correct and inalterable. It is not sufficient to say, “our data is correct, because we store all interactions in a...
متن کاملLogcrypt: forward security and public verification for secure audit logs
Logcrypt provides strong cryptographic assurances that data stored by a logging facility before a system compromise cannot be modified after the compromise without detection. We build on prior work by showing how log creation can be separated from log verification, and describing several additional performance and convenience features not previously considered.
متن کاملEfficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging
Due to the forensic value of audit logs, it is vital to provide compromise resiliency and append-only properties in a logging system to prevent active attackers. Unfortunately, existing symmetric secure logging schemes are not publicly verifiable and cannot address applications that require public auditing (e.g., public financial auditing), besides being vulnerable to certain attacks and depend...
متن کامل