Log Data as Digital Evidence: What Secure Logging Protocols Have to Offer?

Accorsi, Rafael

doi:10.1109/compsac.2009.166

Cited by 27 publications

(15 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Logs are evidential documents [40]. They contain all the details and QoS metrics related to the operation of software, network components, servers, and Cloud platforms.…”

Section: Logs and Their Importancementioning

confidence: 99%

Scalable Blockchain-assisted Log Storage System for Cloud-generated Logs

Pourmajidi¹

2021

Preprint

View full text Add to dashboard Cite

During the normal operation of a Cloud solution, no one pays attention to the logs except the technical department, which may periodically check them to ensure that the performance of the platform conforms to the Service Level Agreements. However, the moment the status of a component changes from acceptable to unacceptable, or a customer complains about accessibility or performance of a platform, the importance of logs increases significantly. Depending on the scope of the issue, all departments, including management, customer support, and even the actual customer, may turn to logs to find out what has happened, how it has happened, and who is responsible for the issue. The party at fault may be motivated to tamper the logs to hide their fault. Given the number of logs that are generated by the Cloud solutions, there are many tampering opportunities. While tamper detection solution can be used to detect any changes in the logs, we argue that the critical nature of logs calls for immutability. In this thesis, we propose a blockchain-based log system, called Logchain, that collects the logs from different providers and avoids log tampering by sealing the logs cryptographically and adding them to a hierarchical ledger, hence, providing an immutable platform for log storage.

show abstract

“…Logs are evidential documents [40]. They contain all the details and QoS metrics related to the operation of software, network components, servers, and Cloud platforms.…”

Section: Logs and Their Importancementioning

confidence: 99%

Scalable Blockchain-assisted Log Storage System for Cloud-generated Logs

Pourmajidi¹

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…There are a number of proposals that provide a mechanism for verifying the integrity of an audit log [Accorsi, 2009;Stathopoulos et al, 2008]. Butin et al [Butin et al, 2013] address the issues of log design for accountability, such as how meaningful a posteriori compliance analysis can be performed on the logs.…”

Section: Related Workmentioning

confidence: 99%

Tamper-Proof Privacy Auditing for Artificial Intelligence Systems

Sutton

Samavi

2018

Proceedings of the Twenty-Seventh International Joint Conference on Artificial Intelligence

View full text Add to dashboard Cite

Privacy audit logs are used to capture the actions of participants in a data sharing environment in order for auditors to check compliance with privacy policies. However, collusion may occur between the auditors and participants to obfuscate actions that should be recorded in the audit logs. In this paper, we propose a Linked Data based method of utilizing blockchain technology to create tamper-proof audit logs that provide proof of log manipulation and non-repudiation.

show abstract

“…On the contrary, "by detection" approaches are more appropriate for rescue processes, since they allow maintaining the required flexibility during the process execution. Mechanisms for detecting noncompliance with policy rules are already available, e.g., secure logging files [44] or forensics [45]. However, these mechanisms are not capable of preventing any misuse; in the best case they allow, e.g., the starting of additional processes for palliating or the sanctioning of detected misuse nontechnically [46].…”

Section: Compliance In Business and Rescue Processesmentioning

confidence: 99%

Gaining Flexibility and Compliance in Rescue Processes with BPM

Kittel

Sackmann

2011

2011 Sixth International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Weaving together information spread over several public and private organizations is crucial for managing catastrophic events and for realizing resilient social infrastructures. While beneficial in emergencies, an unlimited access to (sensitive) data is usually defined as the worst case in any privacy or IT security scenario. As a solution to this tradeoff, the transferability of successful methods and tools known from business process and workflow management to rescue processes is discussed. The resulting framework as well as the identified research questions do not aim at generating "pure" technical security but at reducing the probability of misuse and, thus, providing a sound technical basis for a social discussion on resilient infrastructures.

show abstract

Log Data as Digital Evidence: What Secure Logging Protocols Have to Offer?

Cited by 27 publications

References 24 publications

Scalable Blockchain-assisted Log Storage System for Cloud-generated Logs

Scalable Blockchain-assisted Log Storage System for Cloud-generated Logs

Tamper-Proof Privacy Auditing for Artificial Intelligence Systems

Gaining Flexibility and Compliance in Rescue Processes with BPM

Contact Info

Product

Resources

About