In View Of The Fact That Log Files Hold Record Of Most System Events Including User Activities They Turn Out To Be An Important Target For Malicious Attackers. An Attacker Breaking Into A System Normally Would Try Not To Leave Traces Of His Or Her Activities Behind. As A Result The First Thing An Attacker Often Does Is To Harm Log Files Or Break Off The Logging Services. In Addition The Sensitive Information Contained In Log Files Often Directly Contributes To Confidentiality Breaches. An Illustration Of This Is When Logs Contain Database Transaction Data. Regularly Log Information Can Be Cooperative To An Attacker In Attainment Unauthorized Access To System. One Example Of This Is The Case When A User Incorrectly Enters Her Password In The Username Field While Logging Into A System. Logging Programs Will Store Up The Password As The User-Id To Evidence The Information That A User Has Failed To Log In. Last But Not Least Information In Log File Can Also Be Used To Cause Privacy Breaches For Users In The System Since The Log File Contains Record Of All Events In The System. It Is Extremely Significant That Logging Be Provided In A Protected Manner And That The Log Records Are Effectively Protected For A Predetermined Amount Of Time Maybe Even Indefinitely. Traditional Logging Protocols That Are Based On Syslog Have Not Been Designed With Such Security Features In Mind.

 

Cloud Computing, Logging, Privacy, Security.

K. Kent And M. Souppaya. (1992). Guide To Computer Security Log Management, NIST Special Publication 800-92 [Online]. Available: Http://Csrc.Nist.Gov/Publications/Nistpubs/800-92/SP800-92.Pdf

U.S. Department Of Health And Human Services. (2011, Sep.). HIPAA—General Information [Online]. Available: Https://Www.Cms.Gov/ Hipaageninfo

PCI Security Standards Council. (2006, Sep.) Payment Card Industry (PCI) Data Security Standard—Security Audit Procedures Version 1.1 [Online]. Available: Https://Www.Pcisecuritystandards.Org/Pdfs/ Pci−Audit−Procedures−V1-1.Pdf

Sarbanes-Oxley Act 2002. (2002, Sep.). A Guide To The Sarbanes-Oxley Act [Online]. Available: Http://Www.Soxlaw.Com/

C. Lonvick, The BSD Syslog Protocol, Request For Comment RFC 3164, Internet Engineering Task Force, Network Working Group, Aug. 2001.

D. New And M. Rose, Reliable Delivery For Syslog, Request For Comment RFC 3195, Internet Engineering Task Force, Network Working Group, Nov. 2001.

M. Bellare And B. S. Yee, “Forward Integrity For Secure Audit Logs,” Dept. Comput. Sci., Univ. California, San Diego, Tech. Rep., Nov. 1997.

Balabit IT Security (2011, Sep.). Syslog-Ng—Multiplatform Syslog Server And Logging Daemon [Online]. Available: Http://Www.Balabit. Com/Network-Security/Syslog-Ng

J. Kelsey, J. Callas, And A. Clemm, Signed Syslog Messages, Request For Comment RFC 5848, Internet Engineering Task Force, Network Working Group, May 2010.

D. Ma And G. Tsudik, “A New Approach To Secure Logging,” ACM Trans. Storage, Vol. 5, No. 1, Pp. 2:1–2:21, Mar. 2009.

U. Flegel, “Pseudonymizing Unix Log File,” In Proc. Int. Conf. Infrastruture Security, LNCS 2437. Oct. 2002, Pp. 162–179.

C. Eckert And A. Pircher, “Internet Anonymity: Problems And Solutions,” In Proc. 16th IFIP TC-11 Int. Conf. Inform. Security, 2001, Pp. 35–50 .

M. Rose, The Blocks Extensible Exchange Protocol Core, Request For Comment RFC 3080, Internet Engineering Task Force, Network Working Group, Mar. 2001.

B. Schneier And J. Kelsey, “Security Audit Logs To Support Computer Forensics,” ACM Trans. Inform. Syst. Security, Vol. 2, No. 2, Pp. 159– 176, May 1999.

J. E. Holt, “Logcrypt: Forward Security And Public Verification For Secure Audit Logs,” In Proc. 4th Australasian Inform. Security Workshop, 2006, Pp. 203–211.

R. Dingledine, N. Mathewson, And P. Syverson, “Tor: The Secondgeneration Onion Router,” In Proc. 12th Ann. USENIX Security Symp., Aug. 2004, Pp. 21–21.