A Secure Logging Framework with Focus on Compliance

Handling log messages securely, for example, on servers or embedded devices, has often relied on cryptographic message authentication codes (MACs) to ensure log file integrity: any modification or deletion of a log entry will invalidate the MAC, making the tampering evident. However, organizational security requirements regarding log files have changed significantly over the decades. For example, European privacy and personal data protection laws mandate that certain information, such as IP (internet protocol) addresses, must only be stored for a certain retention period, typically seven days. Traditional log file security measures, however, do not support the delayed deletion of partial log message information for such compliance reasons. This article presents SLOPPI (secure logging with privacy protection and integrity), a three-tiered log management framework with a focus on integrity management and compliance as well as optional support for encryption-based confidentiality of log messages.

Keywords: log file management; secure logging; compliance; log message encryption; privacy by design.
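An added example, not from the paper and not SLOPPI's design: a minimal HMAC-chained log illustrating the traditional integrity check described above, and why redacting IP addresses after the retention period looks exactly like tampering to the verifier. The key, function names and log lines are constructed for illustration.

```python
import hashlib
import hmac
import re

KEY = b"constructed-demo-key"   # assumption: secret known only to the logger
GENESIS = b"\x00" * 32          # assumption: fixed starting value for the chain

def tag(prev_tag: bytes, message: str) -> bytes:
    """MAC over the previous tag plus this entry, chaining entries together."""
    return hmac.new(KEY, prev_tag + message.encode(), hashlib.sha256).digest()

def seal(messages):
    """Return [(message, tag)], each tag bound to its predecessor's tag."""
    sealed, prev = [], GENESIS
    for m in messages:
        prev = tag(prev, m)
        sealed.append((m, prev))
    return sealed

def invalid_entries(sealed):
    """Indices of entries whose stored tag no longer verifies.
    Note: this minimal chain does not notice removal of trailing entries."""
    bad, prev = [], GENESIS
    for i, (m, t) in enumerate(sealed):
        if not hmac.compare_digest(tag(prev, m), t):
            bad.append(i)
        prev = t  # continue from the stored tag so later breaks are still located
    return bad

def redact_ips(sealed):
    """Retention-driven redaction: blank IPv4 addresses, keep the stored tags."""
    ipv4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
    return [(ipv4.sub("x.x.x.x", m), t) for m, t in sealed]

SAMPLE = [  # constructed log lines; addresses come from documentation ranges
    "2024-01-01T10:00:00Z sshd login ok user=alice from=192.0.2.10",
    "2024-01-01T10:05:00Z cron job backup finished",
    "2024-01-01T10:07:00Z sshd login failed user=bob from=198.51.100.7",
]

if __name__ == "__main__":
    log = seal(SAMPLE)
    print("intact log:          ", invalid_entries(log))
    print("entry 1 deleted:     ", invalid_entries(log[:1] + log[2:]))
    print("IPs redacted (legal):", invalid_entries(redact_ips(log)))
```

The verifier cannot tell the compliance-driven redaction apart from an attacker's edit: both surface as failed MACs on the affected entries.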