research-article

A new approach to secure logging

Authors:

Gene TsudikAuthors Info & Claims

ACM Transactions on Storage (TOS), Volume 5, Issue 1

Article No.: 2, Pages 1 - 21

https://doi.org/10.1145/1502777.1502779

Published: 31 March 2009 Publication History

Abstract

The need for secure logging is well-understood by the security professionals, including both researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this article, we begin by examining the state of the art in secure logging and identify some problems inherent to systems based on trusted third-party servers. We then propose a different approach to secure logging based upon recently developed Forward-Secure Sequential Aggregate (FssAgg) authentication techniques. Our approach offers both space-efficiency and provable security. We illustrate two concrete schemes—one private-verifiable and one public-verifiable—that offer practical secure logging without any reliance on online trusted third parties or secure hardware. We also investigate the concept of immutability in the context of forward-secure sequential aggregate authentication to provide finer grained verification. Finally we evaluate proposed schemes and report on our experience with implementing them within a secure logging system.

References

[1]

Bellare, M. and Palacio, A. 2002. Protecting against key exposure: strongly key-insulated encryption with optimal threshold. In Cryptology ePrint Archive, Report 2002/64.

[2]

Bellare, M. and Yee, B. 1997. Forward integrity for secure audit logs. Tech. rep. University of California at San Diego ftp://www.cs.ucsd.edu/pub/bsq/pub/fi.ps.

[3]

Bellare, M. and Yee, B. 2003. Forward-security in private-key cryptography. In Proceedings of the RSA Conference Cryptography Track.

Digital Library

[4]

Burns, R., Gentry, C., Lynn, B., and Shacham, H. 2005. Verifiable audit trails for a versioning file system. In Proceedings of the Workshop on Storage and Security (StorageSS'05). 416--432.

Digital Library

[5]

Chong, C., Peng, Z., and Hartel, P. 2002. Secure audit logging with tamper resistant hardware. In Technical Rep. TR-CTIT-02-29, Centre for Telematics and Information Technology, Univ. Twente, The Netherlands.

[6]

Dodis, Y., Katz, J., Xu, S., and Yung, M. 2002. Key-insulated public key cryptosystems. In Proceedings of the Annual International Conference on Theory and Practice of Cryptographic Technique (Eurocrypt'02). 65--82.

Digital Library

[7]

Dodis, Y., Katz, J., Xu, S., and Yung, M. 2003. Strong key-insulated public key cryptosystems. In Proceedings of the Conference on Public Key Cryptography. 130--144.

[8]

Gutmann, P. 1996. Secure deletion of data from magnetic and solid-state memory. In Proceedings of the 6th USENIX Security Symposium. 22--25.

Digital Library

[9]

Halperin, D., Kohno, T., Heydt-Benjamin, T., Fu, K., and Maisel, W. 2008. Security and privacy for implantable medical devices. IEEE Pervas. Comput. 7, 1.

Digital Library

[10]

Holt, J. 2006. Logcrypt: forward security and public verification for secure audit logs. In Proceedings of the 2006 Australasian Workshops on Grid Computing and E-Research. 203--211.

Digital Library

[11]

Kelsey, J. and Schneier, B. 1999. Minimizing bandwidth for remote access to cryptographically protected audit logs. In Proceedings of the Recent Advances in Intrusion Detection (RAID'99).

[12]

Ma, D. 2008. Practical forward secure sequential aggregate signatures. In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'08).

Digital Library

[13]

Ma, D. and Tsudik, G. 2007. Forward-secure sequentical aggregate authentication. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[14]

Ma, D. and Tsudik, G. 2008. A new approach to secure logging. In Proceedings of the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC'08).

Digital Library

[15]

Mykletun, E., Narasimha, M., and Tsudik, G. 2004a. Authentication and integrity in outsourced databases. In Proceedings of the ACM Annual Symposium on Network and Distributed System Security (NDSS'04).

[16]

Mykletun, E., Narasimha, M., and Tsudik, G. 2004b. Signature bouquets: immutability for aggreagated/codensed signatures. In Proceedings of the European Symposium on Research in Computer Security (ESORICS'04). 160--176.

[17]

Schneier, B. and Kelsey, J. 1998. Cryptographic support for secure logs on untrusted machines. Proceedings of the 7th USENIX Security Symposium.

Digital Library

[18]

Schneier, B. and Kelsey, J. 1999. Secure audit logs to support computer forensics. ACM Trans. Inform. Syst. Secur., 159--176.

Digital Library

[19]

Swanson, M. and Guttman, B. 1996. Generally accepted principles and practices for securing information technology systems. In National Institute of Standards and Technology Data Gateway 800--14.

Digital Library

[20]

U.S. Department of Defense, C. S. C. 1985. Trusted computer system evaluation criteria.

[21]

Waters, B., Balfanz, D., Durfee, G., and Smeters, D. K. 2004. Building an encrypted and searchable audit log. In Proceedings of the ACM Annual Symposium on Network and Distributed System Security (NDSS'04).

Cited By

Wang QWang YZhou FXu JZhang C(2025)Privacy-preserving fair outsourcing polynomial computation without FHE and FPRComputer Standards & Interfaces10.1016/j.csi.2024.10389991:COnline publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1016/j.csi.2024.103899
Pelosi G(2025)Secure Audit LogsEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_688(2218-2220)Online publication date: 8-Jan-2025
https://doi.org/10.1007/978-3-030-71522-9_688
Lenard TCollen ANijdam N(2024)Using the Trusted Platform Module to Generate Secure Logs for Automotive Systems2024 IEEE 20th International Conference on Intelligent Computer Communication and Processing (ICCP)10.1109/ICCP63557.2024.10792999(1-6)Online publication date: 17-Oct-2024
https://doi.org/10.1109/ICCP63557.2024.10792999
Show More Cited By

Recommendations

A New Approach to Secure Logging
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security

The need for secure logging is well-understood by the security researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this paper, we begin by ...
ID-based secret-key cryptography

This paper introduces ID-based secret-key cryptography, in which secret keys are privately and uniquely binded to an identity. This enables to extend public-key cryptography features at the high throughput rate of secret-key cryptography. As ...
Secure Identity-Based Encryption in the Quantum Random Oracle Model
Proceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 7417

We give the first proof of security for an identity-based encryption scheme in the quantum random oracle model. This is the first proof of security for any scheme in this model that requires no additional assumptions. Our techniques are quite general ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Storage

ACM Transactions on Storage Volume 5, Issue 1

March 2009

62 pages

ISSN:1553-3077

EISSN:1553-3093

DOI:10.1145/1502777

Issue’s Table of Contents

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 March 2009

Accepted: 01 December 2008

Revised: 01 October 2008

Received: 01 May 2008

Published in TOS Volume 5, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

112
Total Citations
View Citations
1,447
Total Downloads

Downloads (Last 12 months)68
Downloads (Last 6 weeks)14

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wang QWang YZhou FXu JZhang C(2025)Privacy-preserving fair outsourcing polynomial computation without FHE and FPRComputer Standards & Interfaces10.1016/j.csi.2024.10389991:COnline publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1016/j.csi.2024.103899
Pelosi G(2025)Secure Audit LogsEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_688(2218-2220)Online publication date: 8-Jan-2025
https://doi.org/10.1007/978-3-030-71522-9_688
Lenard TCollen ANijdam N(2024)Using the Trusted Platform Module to Generate Secure Logs for Automotive Systems2024 IEEE 20th International Conference on Intelligent Computer Communication and Processing (ICCP)10.1109/ICCP63557.2024.10792999(1-6)Online publication date: 17-Oct-2024
https://doi.org/10.1109/ICCP63557.2024.10792999
Tian HWang JChang CQuan H(2024)Public auditing of log integrity for shared cloud storage systems via blockchainWireless Networks10.1007/s11276-020-02373-530:7(6249-6264)Online publication date: 1-Oct-2024
https://dl.acm.org/doi/10.1007/s11276-020-02373-5
Kabaleeshwaran RVenkata Shanmukh Sai P(2024)Synchronized Aggregate Signature Under Standard Assumption in the Random Oracle ModelProgress in Cryptology – INDOCRYPT 202310.1007/978-3-031-56232-7_10(197-220)Online publication date: 29-Mar-2024
https://doi.org/10.1007/978-3-031-56232-7_10
Daffalla ABohuk MDell NBellini RRistenpart TCalandrino JTroncoso C(2023)Account security interfacesProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620439(3601-3618)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620439
Blass ENoubir G(2023)Forward Security with Crash Recovery for Secure LogsACM Transactions on Privacy and Security10.1145/363152427:1(1-28)Online publication date: 3-Nov-2023
https://dl.acm.org/doi/10.1145/3631524
Zieglmeier VPretschner A(2023)Rethinking People Analytics With Inverse Transparency by DesignProceedings of the ACM on Human-Computer Interaction10.1145/36100837:CSCW2(1-29)Online publication date: 4-Oct-2023
https://dl.acm.org/doi/10.1145/3610083
Bajramovic EFein CFrinken MRösler PFreiling F(2023)LAVA: Log Authentication and Verification AlgorithmDigital Threats: Research and Practice10.1145/36092334:3(1-17)Online publication date: 6-Oct-2023
https://dl.acm.org/doi/10.1145/3609233
Rafi SKumar R(2023)Optimization of Data Memory and Safety in Clouds with Hashing Algorithm2023 2nd International Conference on Vision Towards Emerging Trends in Communication and Networking Technologies (ViTECoN)10.1109/ViTECoN58111.2023.10157301(1-6)Online publication date: 5-May-2023
https://doi.org/10.1109/ViTECoN58111.2023.10157301
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents