Audit logs provide information about historical states of computer systems. They also contain highly valuable data that can be used by law enforcement in forensic investigations. Thus, ensuring the authenticity and integrity of audit logs is of vital importance. An ideal security mechanism for audit logging must also satisfy security properties such as forward-security (compromise resiliency), compactness, and computational efficiency. Unfortunately, existing secure audit logging schemes lack the computational or storage efficiency for modern performance requirements. Indeed, the practicality of such schemes has not been investigated in real-life systems, where logs generated in various occasions could be terabytes of data per day. To address this limitation, we developed an efficient, publicly verifiable, forward-secure, privacy-preserving, and aggregate logging scheme called blind-aggregate-forward improved (BAFi). BAFi is based on BAF, with new properties and performance improvements as follows: (i) BAFi improves the efficiency of BAF via implementation specific optimizations; (ii) BAFi has the option to not expose sensitive information in logs to protect valuable forensic information; (iii) BAFi was experimentally tested in real-world logs; and (iv) BAFi improves the security of BAF against log substitution. Our analysis shows that BAFi outperforms previous alternatives with similar properties and therefore is an ideal solution for nowadays highly intense logging systems.

• 出版日期2015-11-25
• 单位Cisco