A Secure Logging Framework with Focus on Compliance

von Eye, Felix; Schmitz, David; Hommel, Wolfgang

Home // International Journal On Advances in Security, volume 7, numbers 3 and 4, 2014 // View article

A Secure Logging Framework with Focus on Compliance

Authors:
Felix von Eye
David Schmitz
Wolfgang Hommel

Keywords: log file management; secure logging; compliance; log message encryption; privacy by design.

Abstract:
Handling log messages securely, for example, on servers or embedded devices, has often relied on cryptographic messages authentication codes (MACs) to ensure log file integrity: Any modification or deletion of a log entry will invalidate the MAC, making the tampering evident. However, organizational security requirements regarding log files have changed significantly over the decades. For example, European privacy and personal data protection laws mandate that certain information, such as IP (internet protocol) addresses, must only be stored for a certain retention period, typically seven days. Traditional log file security measures, however, do not support the delayed deletion of partial log message information for such compliance reasons. This article presents SLOPPI (secure logging with privacy protection and integrity), a three-tiered log management framework with focus on integrity management and compliance as well as optional support for encryption-based confidentiality of log messages.

Pages: 37 to 49

Publication date: December 30, 2014

Published in: journal

ISSN: 1942-2636