Putz, Benedikt and Menges, Florian and Pernul, Guenther (2019) A secure and auditable logging infrastructure based on a permissioned blockchain. COMPUTERS & SECURITY, 87: UNSP 10160. ISSN 0167-4048, 1872-6208
Full text not available from this repository. (Request a copy)Abstract
Information systems in organizations are regularly subject to cyber attacks targeting confidential data or threatening the availability of the infrastructure. In case of a successful attack it is crucial to maintain integrity of the evidence for later use in court. Existing solutions to preserve integrity of log records remain cost-intensive or hard to implement in practice. In this work we present a new infrastructure for log integrity preservation which does not depend upon trusted third parties or specialized hardware. The system uses a blockchain to store non-repudiable proofs of existence for all generated log records. An open-source prototype of the resulting log auditing service is developed and deployed, followed by a security and performance evaluation. The infrastructure represents a novel software-based solution to the secure logging problem, which unlike existing approaches does not rely on specialized hardware, trusted third parties or modifications to the logging source. (C) 2019 Elsevier Ltd. All rights reserved.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | ; Log management; Secure logging; Log auditing; Permissioned blockchain; Digital forensics |
| Subjects: | 000 Computer science, information & general works > 004 Computer science |
| Divisions: | Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) |
| Depositing User: | Dr. Gernot Deinzer |
| Date Deposited: | 25 Mar 2020 10:27 |
| Last Modified: | 06 Apr 2020 06:01 |
| URI: | https://pred.uni-regensburg.de/id/eprint/25926 |
Actions (login required)
 |
View Item |
