International Journal On Advances in Security, volume 10, numbers 3 and 4, 2017
Creating and Configuring an Immutable Database for Secure Cloud Audit Trail and System Logging
Authors:
Bob Duncan
Mark Whittington
Keywords: Cloud security and privacy; immutable database; forensic trail.
Abstract:
Conventional web-based systems present a multiplicity of attack vectors, and one of the main components, the database, is frequently configured incorrectly, frequently using default settings, thus leaving the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted by the intruder to cover their tracks. Considering the average industry time between breach and discovery, there is often little or no forensic trail left to follow. While this presents a significant challenge to these conventional systems, when such a system uses cloud computing, the challenge increases considerably. In a conventional setting, the enterprise can use a robust firewall to afford some protection to enterprise users; however, in a cloud setting, the enterprise firewall will not extend to external services, and a lot more people than are often considered can have access to cloud resources. Of equal importance is that in cloud settings, where new instances may be automatically spooled up and shut down to follow the demand curve, any data stored on the running instance before shutdown will be irretrievably lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system, can go a long way to resolving this problem.
Pages: 155 to 166
Copyright: Copyright (c) to authors, 2017. Used with permission.
Publication date: December 31, 2017
Published in: journal
ISSN: 1942-2636