Towards a Secure Logging Mechanism for Dynamic Systems
نویسنده
چکیده
Logging is a central service in computing systems. It collects information about the events happening in (remote) devices and thereby provides a basis for other services within the system. However, in order to be useful, log data must be correct, for information derived from flawed sources is unreliable. In this paper, we report on ongoing work in developing a logging mechanism to securely store log data in marginally trusted remote collectors. To this end, we first characterize the security properties of log data and that of mechanisms to guarantee these properties. Further, we employ standard logging techniques to design protocols to achieve the security properties, and discuss the protocols’ adequacy and limitations in guaranteeing these properties.
منابع مشابه
On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems
We investigate a mechanism for secure remote logging to improve privacy guarantees in dynamic systems. Considering an extended threat model for privacy, we first describe outer and inner privacy: outer privacy expresses the traditional attacker model for privacy where identity management systems control the collection of personal, observable information; inner privacy denotes the threat posed b...
متن کاملTowards building a forensics aware language for secure logging
Trustworthy system logs and application logs are crucial for digital forensics. Researchers have proposed different security mechanisms to ensure the integrity and confidentiality of logs. However, applying current secure logging schemes on heterogeneous formats of logs is tedious. Here, we propose Forensics Aware Language (FAL), a domain-specific language (DSL) through which we can apply a sec...
متن کاملSecure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry
Introduction Both health information technology (HIT) and the payment card industry (PCI) involve the exchange and management of sensitive, protected information. Compared to the PCI, HIT could consider protected health information (PHI) more sensitive than PCI cardholder data. If cardholder data is breached in the PCI, payment card companies may then remove fraudulent charges from the customer...
متن کاملBAFi: a practical cryptographic secure audit logging scheme for digital forensics
Audit logs provide information about historical states of computer systems. They also contain highly valuable data that can be used by law enforcement in forensic investigations. Thus, ensuring the authenticity and integrity of audit logs is of vital importance. An ideal security mechanism for audit logging must also satisfy security properties such as forwardsecurity (compromise resiliency), c...
متن کاملImprovising Forward Stream Integrity for Secure Logging in the Cloud
The need for secure logging is well-understood by the security professionals, together with each researchers and practitioners. The flexibility to the accuracy verifies all (or some) log entries is very important to any application using secure logging techniques. During this paper, we start by examining progressive in secure logging and determine some issues inherent to systems supported trust...
متن کامل