CLASS: Cloud Log Assuring Soundness and Secrecy Scheme for Cloud Forensics

Ahsan, Muhammad; Wahab, Ainuddin Wahid Abdul; Idris, Mohd Yamani Idna; Khan, Suleman; Bachura, Eric; Choo, Kim‐Kwang Raymond

doi:10.1109/tsusc.2018.2833502

Cited by 28 publications

(13 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cloud log assuring soundness and secrecy(CLASS) is proposed in [42] which ensures maintenance of logs in the cloud through deviated encryption. McCabe et al produced PPL using Rabin's fingerprint strategy and blossom channel [43].…”

Section: Related Workmentioning

confidence: 99%

Proactive Forensics in IoT: Privacy-Aware Log-Preservation Architecture in Fog-Enabled-Cloud Using Holochain and Containerization Technologies

et al. 2020

View full text Add to dashboard Cite

Collecting and preserving the smart environment logs connected to cloud storage is challenging due to the black-box nature and the multi-tenant cloud models which can pervade log secrecy and privacy. The existing work for log secrecy and confidentiality depends on cloud-assisted models, but these models are prone to multi-stakeholder collusion problems. This study proposes ’PLAF,’ a holistic and automated architecture for proactive forensics in the Internet of Things (IoT) that considers the security and privacy-aware distributed edge node log preservation by tackling the multi-stakeholder issue in a fog enabled cloud. We have developed a test-bed to implement the specification, as mentioned earlier, by incorporating many state-of-the-art technologies in one place. We used Holochain to preserve log integrity, provenance, log verifiability, trust admissibility, and ownership non-repudiation. We introduced the privacy preservation automation of log probing via non-malicious command and control botnets in the container environment. For continuous and robust integration of IoT microservices, we used docker containerization technology. For secure storage and session establishment for logs validation, Paillier Homomorphic Encryption, and SSL with Curve25519 is used respectively. We performed the security and performance analysis of the proposed PLAF architecture and showed that, in stress conditions, the automatic log harvesting running in containers gives a 95% confidence interval. Moreover, we show that log preservation via Holochain can be performed on ARM-Based architectures such as Raspberry Pi in a very less amount of time when compared with RSA and blockchain.

show abstract

Section: Related Workmentioning

confidence: 99%

Proactive Forensics in IoT: Privacy-Aware Log-Preservation Architecture in Fog-Enabled-Cloud Using Holochain and Containerization Technologies

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Various studies on logging systems in cloud computing are underway in the area of digital forensics. Among them, Secure Logging-as-a-Service (SecLaaS) [7][8][9][10] and the Cloud-Log Assuring-Soundess and Secrecy Scheme (CLASS) [11] are representative cloud logging systems, taking into account cloud forensic challenges such as data volatility, multitenancy in the cloud, and ensuring user privacy.…”

Section: Conventional Cloud Logging Systemsmentioning

confidence: 99%

eCLASS: Edge-Cloud-Log Assuring-Secrecy Scheme for Digital Forensics

Park

Huh

2019

Symmetry

View full text Add to dashboard Cite

User activity logs are important pieces of evidence in digital forensic investigations. In cloud forensics, it is difficult to collect user activity logs due to the fact of virtualization technologies and the multitenancy environment, which can infringe upon user privacy when collecting logs. Furthermore, the computing paradigm is shifting from conventional cloud computing toward edge computing, employing the advances of 5G network technology. This change in the computing paradigm has also brought about new challenges for digital forensics. Edge nodes that are close to users are exposed to security threats, and the collection of logs with limited computing resources is difficult. Therefore, this study proposes a logging scheme that considers log segmentation and distributed storage to collect logs from distributed edge nodes and to protect log confidentiality by taking into account edge-cloud characteristics. This scheme protects the integrity of log data collected by a multi-index chain network. To demonstrate the performance of the proposed scheme, edge nodes with three different capacity types were used, and the proposed log-segmentation method performed 29.4% to 64.2% faster than the Cloud-Log Assuring-Secrecy Scheme (CLASS) using 2048 bit Rivest-Shamir-Adleman (RSA) in three types of edge nodes for log-confidentiality protection. The log segmentation of edge CLASS (eCLASS) reduced the log size to approximately 58% less than CLASS log encryption, and edge-node CPU usage was also reduced from 14% to 28%.

show abstract

“…On the other hand, Cloud Log Assuring Soundness and Secrecy (CLASS) [1] was presented to secure logging by encrypting logs with individual user's public key. And Rabin's fingerprint and Bloom filter was used to generate proof of past log to speed up the log auditing.…”

Section: Reliable Loggingmentioning

confidence: 99%

“…The volume of the fine-grained logs becomes too large to efficiently audit. Some methods has been proposed to speed up the log integrity auditing process, including supporting selective verification [13] and using Rabin's fingerprint and bloom filter for every verification process [1]. However, there are still no efficiency improving method for log operation legality auditing.…”

Section: Introductionmentioning

confidence: 99%

A Multi-grained Log Auditing Scheme for Cloud Data Confidentiality

et al. 2019

View full text Add to dashboard Cite

With increasing number of cloud data leakage accidents exposed, outsourced data control becomes a more and more serious concern of their owner. To relieve the concern of these cloud users, reliable logging schemes are widely used to generate proof for data confidentiality auditing. However, high frequency operation and fine operation granularity on cloud data both result in a considerably large volume of operation logs, which burdens communication and computation in log auditing. This paper proposes a multi-grained log auditing scheme to make logs volume smaller and log auditing more efficient. We design a logging mechanism to support multi-grained data access with Merkle Hash Tree structure. Based on multi-grained log, we present a log auditing approach to achieve data confidentiality auditing and leakage investigation by making an Access List. Experiments results indicate that our scheme obtains about 54% log volume and 60% auditing time of fine-grained log auditing scheme in our scenario.

show abstract

CLASS: Cloud Log Assuring Soundness and Secrecy Scheme for Cloud Forensics

Cited by 28 publications

References 30 publications

Proactive Forensics in IoT: Privacy-Aware Log-Preservation Architecture in Fog-Enabled-Cloud Using Holochain and Containerization Technologies

Proactive Forensics in IoT: Privacy-Aware Log-Preservation Architecture in Fog-Enabled-Cloud Using Holochain and Containerization Technologies

eCLASS: Edge-Cloud-Log Assuring-Secrecy Scheme for Digital Forensics

A Multi-grained Log Auditing Scheme for Cloud Data Confidentiality

Contact Info

Product

Resources

About