Preprint

A Secure and Privacy-Friendly Logging Scheme

Authors:

Abstract

Finding a robust security mechanism for audit trail logging has long been a poorly satisfied goal. There are many reasons for this. The most significant of these is that the audit trail is a highly sought after goal of attackers to ensure that they do not get caught. Thus they have an incredibly strong incentive to prevent companies from succeeding in this worthy aim. Regulation, such as the European Union General Data Protection Regulation, has brought a strong incentive for companies to achieve success in this area due to the punitive level of fines that can now be levied in the event of a successful breach by an attacker. We seek to resolve this issue through the use of an encrypted audit trail process that saves encrypted records to a true immutable database, which can ensure audit trail records are permanently retained in encrypted form, with no possibility of the records being compromised. This ensures compliance with the General Data Protection Regulation can be achieved.

Conference Paper
Effective activity and event monitoring is an essential aspect of digital forensic readiness. Techniques for capturing log and other event data are familiar from conventional networked hosts and transfer directly to the Cloud context. In both contexts, a major concern is the risk that monitoring systems may be targeted and impaired by intruders seeking to conceal their illicit presence and activities. We outline an approach to intrusion monitoring that aims (i) to ensure the credibility of log data and (ii) provide a means of data sharing that supports log reconstruction in the event that one or more logging systems is maliciously impaired.
Conference Paper
Ahead of the introduction of the EU General Data Privacy Regulation, we consider some important unresolved issues with cloud computing, namely, the insecure cloud audit trail problem and the challenge of retaining cloud forensic evidence. Developing and enforcing good cloud security controls is an essential requirement for this to succeed. The nature of cloud computing architecture can add additional problem layers for achieving cloud security to an already complex problem area. Traditionally, many corporates have struggled to identify when their systems have been breached, let alone understand which records have been accessed, modified, deleted or exfiltrated from their systems. Often, there is no understanding as to who has perpetrated the breach, meaning it is difficult to quantify the risk to which they have been exposed. The GDPR seeks to improve this situation by requiring all breaches to be reported within 72 hours of an occurrence, including full identification of all records compromised, failing which the organisation could be subject to punitive levels of fines. We consider why this is such an important issue, identifying what desirable characteristics should be aimed for and propose a novel means of effectively and efficiently achieving these goals. We have identified a range of issues which need to be dealt with properly to ensure a robust level of security and privacy can be achieved. We have addressed these issues in both the context of conventional cloud-based systems, as well as in regard to addressing some of the many weaknesses inherent in the internet of things. We discuss how our proposed approach may help better address these key security issues which we have identified. Index Terms: Cloud security and privacy; cloud audit; cloud forensics; Internet of Things.
Article
Audit logs are an important part of any secure system, and they need to be carefully designed in order to give a faithful representation of past system activity. This is especially true in the presence of adversaries who might want to tamper with the audit logs. While it is important that auditors can inspect audit logs to assess past system activity, the content of an audit log may contain sensitive information, and should therefore be protected from unauthorized parties.
Article
As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the digital forensic integrity of such instances. This need is largely motivated by the locus of responsibility and also by the associated risk of legal sanction and financial penalty. Effective monitoring of activity and events is an essential aspect of such forensic readiness. A major concern is the risk that monitoring systems may themselves be targeted and affected by intruders, thereby nullifying the prospective benefits of such internal software surveillance facilities. In this paper, we outline an approach to intrusion monitoring that aims to ensure the credibility of log data and provide a means of data sharing that supports log reconstruction in the event that one or more logging systems is maliciously impaired. In addition, we identify and describe the multi-level interpretation problem as an inherent challenge to managing forensic recovery in the Cloud. // International Journal on Advances in Security, vol 11 no 3 & 4, 2018.
Conference Paper
The secret keys of critical network authorities - such as time, name, certificate, and software update services - represent high-value targets for hackers, criminals, and spy agencies wishing to use these keys secretly to compromise other hosts. To protect authorities and their clients proactively from undetected exploits and misuse, we introduce CoSi, a scalable witness cosigning protocol ensuring that every authoritative statement is validated and publicly logged by a diverse group of witnesses before any client will accept it. A statement S collectively signed by W witnesses assures clients that S has been seen, and not immediately found erroneous, by those W observers. Even if S is compromised in a fashion not readily detectable by the witnesses, CoSi still guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to risk that the compromise will soon be detected by one of the W witnesses. Because clients can verify collective signatures efficiently without communication, CoSi protects clients' privacy, and offers the first transparency mechanism effective against persistent man-in-the-middle attackers who control a victim's Internet access, the authority's secret key, and several witnesses' secret keys. CoSi builds on existing cryptographic multisignature methods, scaling them to support thousands of witnesses via signature aggregation over efficient communication trees. A working prototype demonstrates CoSi in the context of timestamping and logging authorities, enabling groups of over 8,000 distributed witnesses to cosign authoritative statements in under two seconds.
Article
In this paper we show how to divide data D into n pieces in such a way that D is easily reconstructable from any k pieces, but even complete knowledge of k - 1 pieces reveals absolutely no information about D. This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.
Ponemon Institute, Ed., "2018 Cost of Insider Threats: Global", April 2018, [Online]. Available: https://153j3ttjub71nfe89mc7r5gb-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/ObserveIT-Insider-Threat-Global-Report-FINAL.pdf [accessed: 2021-04-01]
Microsoft, Ed., "Microsoft Productivity Score", [Online]. Available: https://adoption.microsoft.com/productivity-score/ [accessed: 2021-04-01]
A. Hern, "Microsoft productivity score feature criticised as workplace surveillance", The Guardian, [Online]. Available: https://www.theguardian.com/technology/2020/nov/26/microsoftproductivity-score-feature-criticised-workplace-surveillance, 2020-11-26 [accessed: 2021-04-01]
S. Hurtz, "Angestellte überwachen? Microsoft macht's möglich", Süddeutsche Zeitung, [Online]. Available: https://sz.de/1.5130228, 2020-11-27 [accessed: 2021-04-01]
Hamburg Commissioner, Ed., "35.3 Million Euro Fine for Data Protection Violations in H&M's Service Center", Datenschutz-Hamburg GDPR fine for GDPR employee data breach, Press Release, 2020. [Online]. Available: https://datenschutz-hamburg.de/assets/pdf/2020-10-01-pressrelease-h+m-fine.pdf [accessed: 2021-04-01]
M. Paik, J. Irazábal, D. Zimmer, M. Meloni, and V. Padurean, "immudb: A Lightweight, Performant Immutable Database", Available: https://www.codenotary.com/technologies/immudb/ [accessed: 2021-04-01]
H. Krawczyk, "Secret Sharing Made Short", Advances in Cryptology: CRYPTO '93, Proceedings, Lecture Notes in Computer Science, vol. 773, pp. 136-146, Springer, 1993.