A Framework for Secure and Verifiable Logging in Public Communication Networks
نویسندگان
چکیده
In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure logging in public communication networks as well as realistic implementations designs, which are more resilient to the identified security threats. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to verify the integrity of the log files.
منابع مشابه
Efficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging
Due to the forensic value of audit logs, it is vital to provide compromise resiliency and append-only properties in a logging system to prevent active attackers. Unfortunately, existing symmetric secure logging schemes are not publicly verifiable and cannot address applications that require public auditing (e.g., public financial auditing), besides being vulnerable to certain attacks and depend...
متن کاملSecure log management for privacy assurance in electronic communications
In this paper we examine logging security in the environment of electronic communication providers. We review existing security threat models for system logging and we extend these to a new security model especially suited for communication network providers, which also considers internal modification attacks. We also propose a framework for secure log management in public communication network...
متن کاملBAFi: a practical cryptographic secure audit logging scheme for digital forensics
Audit logs provide information about historical states of computer systems. They also contain highly valuable data that can be used by law enforcement in forensic investigations. Thus, ensuring the authenticity and integrity of audit logs is of vital importance. An ideal security mechanism for audit logging must also satisfy security properties such as forwardsecurity (compromise resiliency), c...
متن کاملAn Incentive-Aware Lightweight Secure Data Sharing Scheme for D2D Communication in 5G Cellular Networks
Due to the explosion of smart devices, data traffic over cellular networks has seen an exponential rise in recent years. This increase in mobile data traffic has caused an immediate need for offloading traffic from operators. Device-to-Device(D2D) communication is a promising solution to boost the capacity of cellular networks and alleviate the heavy burden on backhaul links. However, dir...
متن کاملEfficient, Compromise Resilient and Append-only Cryptographic Constructions for Digital Forensics
Due to the forensic value of the audit logs, it is vital to provide forwardsecure integrity and append-only properties in a logging system to prevent attackers who have gained control of the system from modifying or selectively deleting log entries generated before they took control. Existing forward-secure logging solutions are either based on symmetric cryptography or public key cryptography ...
متن کامل