Home // CLOUD COMPUTING 2017, The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization // View article

Creating an Immutable Database for Secure Cloud Audit Trail and System Logging

Authors:
Bob Duncan
Mark Whittington

Keywords: Cloud security and privacy; immutable database; forensic trail.

Abstract:
Conventional web based systems present a multiplic- ity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.

Pages: 54 to 59

Copyright: Copyright (c) IARIA, 2017

Publication date: February 19, 2017

Published in: conference

ISSN: 2308-4294

ISBN: 978-1-61208-529-6

Location: Athens, Greece

Dates: from February 19, 2017 to February 23, 2017