Secure log management for privacy assurance in electronic communications

Autor:	Emmanouil Magkos, Vassilios Stathopoulos, Panayiotis Kotzanikolaou
Rok vydání:	2008
Předmět:	General Computer Science Traceability Computer science Audit Computer security model computer.software_genre Computer security Security information and event management Security service Threat model Key (cryptography) Log management Law computer
Zdroj:	Computers & Security. 27:298-308
ISSN:	0167-4048
DOI:	10.1016/j.cose.2008.07.010
Popis:	In this paper we examine logging security in the environment of electronic communication providers. We review existing security threat models for system logging and we extend these to a new security model especially suited for communication network providers, which also considers internal modification attacks. We also propose a framework for secure log management in public communication networks as well as an implementation design, in order to provide traceability under the extended security model. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to maintain log integrity proofs in a remote environment and verify the integrity of the provider's log files during security audits.
Databáze:	OpenAIRE
Externí odkaz:	https://explore.openaire.eu/search/publication?articleId=doi_________::231712fd19dc66ee2cfd34005d9bf7e0 https://doi.org/10.1016/j.cose.2008.07.010 Zobrazit plný text záznamu Full Text from ScienceDirect