Abstract
In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure logging in public communication networks as well as realistic implementations designs, which are more resilient to the identified security threats. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to verify the integrity of the log files.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Schneier, B.: Schneier on security: Phone tapping in Greece (2006), web page: http://www.schneier.com/blog/archives/02/phone_tapping_i.html
Kelsey, J., Callas, J.: Ssyslog-sign protocol. DRAFT, Network Working Group (2002)
Dunlap, G.W., King, S.T., Cinar, S., Basrai, M., Chen, P.M.: Revirt: Enabling intrusion analysis through virtual-machine logging and replay. In: Proc. 2002 Symp. Operating Sys. Design and Implementation (2002)
Bellare, M., Yee, B.: Forward integrity for secure audit logs. Technical report, Computer Science and Engineering Department, University of California at San Diego (1997)
Schneier, B., Kelsey, J.: Cryptographic support for secure logs on untrusted machines. In: Proceedings of the 7th USENIX Security Symposium, pp. 53–62. USENIX Press (1998)
Haber, S., Stornetta, W.: How to time-stamp a digital document. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 437–455. Springer, Heidelberg (1991)
Chong, C.N., Peng, Z., Hartel, P.H.: Secure audit logging with tamperresistant hardware. Tech. Rep., Universiteit Twente, Enschede, The Netherlands (2002)
Waters, B., Balfanz, D., Durfee, G., Smetters, D.: Building an encrypted and searchable audit log. In: The 11th Annual Network and Distributed System Security Symposium (2004)
Accorsi, R.: On the relationship of privacy and secure remote logging in dynamic systems. In: Security and Privacy in Dynamic Environments, vol. 201, pp. 329–338. Springer, Heidelberg (2006)
Holt, J.: Logcrypt: Forward security and public verification for secure audit logs. In: Proc. of Australasian Information Security Workshop (2006)
Kawaguchi, N., Obata, N., Ueda, S., Azuma, Y., Shigeno, H., Okada, K.: Efficient log authentication for forensic computing. In: Proc. Of IEEE 6th Information Assurance Workshop, pp. 215–223. IEEE, Los Alamitos (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Stathopoulos, V., Kotzanikolaou, P., Magkos, E. (2006). A Framework for Secure and Verifiable Logging in Public Communication Networks. In: Lopez, J. (eds) Critical Information Infrastructures Security. CRITIS 2006. Lecture Notes in Computer Science, vol 4347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11962977_22
Download citation
DOI: https://doi.org/10.1007/11962977_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69083-2
Online ISBN: 978-3-540-69084-9
eBook Packages: Computer ScienceComputer Science (R0)