SLOPPI — a Framework for Secure Logging with Privacy Protection and Integrity

von Eye, Felix; Schmitz, David; Hommel, Wolfgang

Home // ICIMP 2013, The Eighth International Conference on Internet Monitoring and Protection // View article

SLOPPI — a Framework for Secure Logging with Privacy Protection and Integrity

Authors:
Felix von Eye
David Schmitz
Wolfgang Hommel

Keywords: log file management; secure logging; compliance

Abstract:
Secure log file management on, for example, Linux servers typically uses cryptographic message authentication codes (MACs) to ensure the log file's integrity: If an attacker modifies or deletes a log entry, the MAC no longer matches the log file content. However, some privacy and data protection laws, for example in Germany, require the deletion or anonymization of log entries with personal data after a retention period of seven days. Such changes therefore do not constitute an attack. Previous work regarding secure logging does not support this use case adequately. A new log management approach with a focus on both the integrity and the compliance of the resulting log files with additional support for encryption-based confidentiality is presented and discussed.

Pages: 14 to 19

Copyright: Copyright (c) IARIA, 2013

Publication date: June 23, 2013

Published in: conference

ISSN: 2308-3980

ISBN: 978-1-61208-281-3

Location: Rome, Italy

Dates: from June 23, 2013 to June 28, 2013