The Meaning of Logs

While logging events is becoming increasingly common in computing, in communication and in collaborative environments, log systems need to satisfy increasingly challenging (if not conflicting) requirements. In this paper we propose a high-level framework for modeling log systems, and reasoning about them. This framework allows one to give a high-level representation of a log system and to check whether it satisfies given audit and privacy properties which in turn can be expressed in standard logic. In particular, the framework can be used for comparing and assessing log systems. We validate our proposal by formalizing a number of standard log properties and by using it to review a number of existing systems. Despite the growing pervasiveness of log systems, we believe this is the first framework of this sort.

[1]  Morris Sloman,et al.  GEM: a generalized event monitoring language for distributed systems , 1997, Distributed Syst. Eng..

[2]  Kaoru Kurosawa,et al.  A Scheme for Partial Disclosure of Transaction Log , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[3]  Hhs Centers for Medicare Medicare Services Health insurance reform: security standards. Final rule. , 2003, Federal register.

[4]  James V. Hansen,et al.  Audit considerations in distributed processing systems , 1983, CACM.

[5]  Kai Rannenberg,et al.  Pseudonymous audit for privacy enhanced intrusion detection , 1997, SEC.

[6]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[7]  Christos Faloutsos,et al.  Auditing Compliance with a Hippocratic Database , 2004, VLDB.

[8]  William L. Fithen,et al.  State of the Practice of Intrusion Detection Technologies , 2000 .

[9]  Erland Jonsson,et al.  Anomaly-based intrusion detection: privacy concerns and other problems , 2000, Comput. Networks.

[10]  Paul R. Ashley,et al.  Enterprise Privacy Authorization Language , 2003 .

[11]  Erland Jonsson,et al.  Privacy vs. Intrusion Detection Analysis , 1999, Recent Advances in Intrusion Detection.

[12]  Jean Goubault-Larrecq,et al.  Log auditing through model-checking , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[13]  Bradley Malin,et al.  How (not) to protect genomic data privacy in a distributed network: using trail re-identification to evaluate and design anonymity protection systems , 2004, J. Biomed. Informatics.

[14]  J. Dumortier Directive 98/48/EC of the European Parliament and of the Council , 2006 .

[15]  George Spanoudakis,et al.  Non-Intrusive Monitoring of Service-Based Systems , 2006, Int. J. Cooperative Inf. Syst..

[16]  Bruce Schneier,et al.  Secure audit logs to support computer forensics , 1999, TSEC.

[17]  J. Prins Directive 2003/98/EC of the European Parliament and of the Council , 2006 .

[18]  Mihir Bellare,et al.  Forward Integrity For Secure Audit Logs , 1997 .

[19]  Dogan Kesdogan,et al.  Privacy Enhanced Intrusion Detection , 1999 .

[20]  Ramakrishnan Srikant,et al.  Hippocratic Databases , 2002, VLDB.

[21]  Josep Domingo-Ferrer,et al.  Disclosure risk assessment in statistical microdata protection via advanced record linkage , 2003, Stat. Comput..

[22]  Julia Brande Earp,et al.  Internet privacy law: a comparison between the United States and the European Union , 2004, Comput. Secur..

[23]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[24]  G. Pernul,et al.  The meaning of logs , 2007 .