Secure Logging for Irrefutable Administration
نویسندگان
چکیده
This paper presents a method that allows for securely saving a temporal sequence of data (log lines) in a file. Log lines are signed by an authority, and are thus unalterable without detection. Data is also encrypted in the file, and may be accessed with the granularity of a single log line with the possession of a decryption key. Also, it is possible that for some lines data must be accessed by a group of cooperating users.
منابع مشابه
Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry
Introduction Both health information technology (HIT) and the payment card industry (PCI) involve the exchange and management of sensitive, protected information. Compared to the PCI, HIT could consider protected health information (PHI) more sensitive than PCI cardholder data. If cardholder data is breached in the PCI, payment card companies may then remove fraudulent charges from the customer...
متن کاملImprovising Forward Stream Integrity for Secure Logging in the Cloud
The need for secure logging is well-understood by the security professionals, together with each researchers and practitioners. The flexibility to the accuracy verifies all (or some) log entries is very important to any application using secure logging techniques. During this paper, we start by examining progressive in secure logging and determine some issues inherent to systems supported trust...
متن کاملTowards building a forensics aware language for secure logging
Trustworthy system logs and application logs are crucial for digital forensics. Researchers have proposed different security mechanisms to ensure the integrity and confidentiality of logs. However, applying current secure logging schemes on heterogeneous formats of logs is tedious. Here, we propose Forensics Aware Language (FAL), a domain-specific language (DSL) through which we can apply a sec...
متن کاملEfficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging
Due to the forensic value of audit logs, it is vital to provide compromise resiliency and append-only properties in a logging system to prevent active attackers. Unfortunately, existing symmetric secure logging schemes are not publicly verifiable and cannot address applications that require public auditing (e.g., public financial auditing), besides being vulnerable to certain attacks and depend...
متن کاملSecure Audit Logging with Tamper-Resistant Hardware
Secure perimeter schemes (e.g. DRM) and tracing traitor schemes (e.g. watermarking, audit logging) strive to mitigate the problems of content escaping the control of the rights holder. Secure audit logging records the user’s actions on content and enables detection of some forms of tampering with the logs. We implement Schneier and Kelsey’s secure audit logging protocol [1], strengthening the p...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 4 شماره
صفحات -
تاریخ انتشار 2007