CFP last date
21 October 2024
Reseach Article

Distributed on Demand Logging using Secured Cloud Service

Published on February 2015 by Jesheela A.p, Sindhu S
Advanced Computing and Communication Techniques for High Performance Applications
Foundation of Computer Science USA
ICACCTHPA2014 - Number 4
February 2015
Authors: Jesheela A.p, Sindhu S
b7c3c5c8-4e24-4731-89ac-a7aa9c76fe22

Jesheela A.p, Sindhu S . Distributed on Demand Logging using Secured Cloud Service. Advanced Computing and Communication Techniques for High Performance Applications. ICACCTHPA2014, 4 (February 2015), 18-25.

@article{
author = { Jesheela A.p, Sindhu S },
title = { Distributed on Demand Logging using Secured Cloud Service },
journal = { Advanced Computing and Communication Techniques for High Performance Applications },
issue_date = { February 2015 },
volume = { ICACCTHPA2014 },
number = { 4 },
month = { February },
year = { 2015 },
issn = 0975-8887,
pages = { 18-25 },
numpages = 8,
url = { /proceedings/icaccthpa2014/number4/19455-6043/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 Advanced Computing and Communication Techniques for High Performance Applications
%A Jesheela A.p
%A Sindhu S
%T Distributed on Demand Logging using Secured Cloud Service
%J Advanced Computing and Communication Techniques for High Performance Applications
%@ 0975-8887
%V ICACCTHPA2014
%N 4
%P 18-25
%D 2015
%I International Journal of Computer Applications
Abstract

Log records are important part of an organization. Maintaining log records securely for a longer period of time is important for proper functioning of any organization. Since log files contain record of system events, the confidentiality and privacy of log data should be maintained and also integrity of log data and logging process should be ensured. The log data are stored in the server with in an organization for a fixed time and sent to the cloud . There will be a great chance of attack when log data are stored in plain text in the server of an organization. However, deploying a secure logging framework is one of the main difficulties that an organization faces in this new era. In this paper, we present an approach for secure logging by which log data can be sent to the cloud directly at run time.

References
  1. K. Kent and M. Souppaya. (1992). Guide to Computer Security Log Management, NIST Special Publication 800-92[Online]. Available: http://csrc. nist. gov/publications/nistpubs/800-92/SP800-92. pdf
  2. C. Lonvick, The BSD Syslog Protocol, Request for Comment RFC 3164, Internet Engineering Task Force, Network Working Group, Aug. 2001.
  3. M. Bellare and B. S. Yee, "Forward integrity for secure audit logs," Dept. Comput. Sci. , niv. California, San Diego, Tech. Rep. , Nov. 1997.
  4. BalaBit IT Security (2011, Sep. ). Syslog-ng—Multiplatform Syslog Server and Logging Daemon [Online]. Available: http://www. balabit. com/network-security/syslog-ng
  5. J. Kelsey, J. Callas, and A. Clemm, Signed Syslog Messages, Request for Comment RFC 5848, Internet Engineering Task Force, Network Working Group, May 2010.
  6. D. New and M. Rose, Reliable Delivery for Syslog, Request for Comment RFC 3195, Internet Engineering Task Force, Network Working Group, Nov. 2001.
  7. D. Ma and G. Tsudik, "A new approach to secure logging," ACM Trans. Storage, vol. 5, no. 1, pp. 2:1–2:21, Mar. 2009.
  8. Shams Zawoad, Amit Kumar Dutta& Ragib Hasan "SecLaaS: Secure Logging-as-a-Service for Cloud Forensics", ACM Trans. Inform. Syst. Security, vol. 2, no. 2, pp. 159–176, May 1999.
  9. J. Kelsey, J. Callas, and A. Clemm, Signed Syslog Messages, Request for Comment RFC 5848, Internet Engineering Task Force, Network Working Group, May 2010.
  10. U. Flegel, "Pseudonymizing unix log file," in Proc. Int. Conf. Infrastruture Security, LNCS 2437. Oct. 2002, pp. 162–179.
  11. C. Eckert and A. Pircher, "Internet anonymity: Problems and solutions,"in Proc. 16th IFIP TC-11 Int. Conf. Inform. Security, 2001, pp. 35–50 .
  12. M. Rose, The Blocks Extensible Exchange Protocol Core, Request for Comment RFC 3080, Internet Engineering Task Force, Network Working Group, Mar. 2001.
  13. M. Bellare and B. S. Yee, "Forward integrity for secure audit logs," Dept. Comput. Sci. , Univ. California, San Diego, Tech. Rep. , Nov. 1997.
  14. B. Schneier and J. Kelsey, "Security audit logs to support computer forensics," ACM Trans. Inform. Syst. Security, vol. 2, no. 2, pp. 159–176, May 1999.
  15. J. E. Holt, "Logcrypt : Forward security and public verification for secure audit logs," in Proc. 4th Australasian Inform. Security Workshop, 2006,pp. 203–211.
  16. Indrajit Ray, Kirill Belyaev, Mikhail Strizhov, Dieudonne Mulamba, and Mariappan Rajaram" Secure Logging As a Service—Delegating Log Management to the Cloud" IEEE SYSTEMS JOURNAL, VOL. 7, NO. 2, JUNE 2013
  17. http://en. wikipedia. org/wiki/Web_service
  18. http://spf13. com/post/soap-vs-rest
  19. http://en. wikipedia. org/wiki/Model%E2%80%93view%E2%80%93controller
  20. http://viralpatel. net/blogs/tutorial-spring-3-mvc-introduction-spring-mvc-framework/
  21. http://en. wikipedia. org/wiki/Jelastic
  22. http://www. java-logging. com/
  23. Log4J: http://logging. apache. org/log4j/1. 2/
  24. http://en. wikipedia. org/wiki/Log4j
Index Terms

Computer Science
Information Sciences

Keywords

Logging Secure Logging Cloud Rest Encryption