Comparative Analysis of Security Schemes for Log System Providing Forward Security

Comparative Analysis of Security Schemes for Log Systems That Guarantee Forward Security

  • Received : 2015.12.01
  • Accepted : 2015.12.30
  • Published : 2015.12.30

Abstract

In IT systems, logs are an indicator of previous key events. Therefore, when a security problem occurs in a system, logs are used to find evidence of the problem and a solution to it. It is therefore important to ensure the integrity of stored logs. Existing schemes have been proposed to detect tampering with stored logs after the key has been exposed. These existing schemes are designed separately for log transmission and log storage. We propose a new log system that integrates log transmission with storage. In addition, we prove the security requirements of the proposed scheme and compare its computational efficiency with that of existing schemes.

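As security logs are put to a wider range of uses, the integrity of stored log data is becoming more important. In particular, stored log data is the first thing that attackers who have intruded into a system manipulate in order to erase their traces. The security of log data written after the key information has been exposed cannot be guaranteed, but various theoretical schemes have been introduced that guarantee forward security for the integrity of the log data accumulated before that point. In this paper, we analyze the characteristics of the existing schemes and, through a comparative analysis in terms of computational efficiency, confirm the validity of the schemes suited to the operating environment in which they are to be applied.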

Keywords
