Design and formal verification of a cloud compliant secure logging mechanism

被引：7

作者：

Sandikkaya, Mehmet Tahir ^{[1
]}

Ovatman, Tolga ^{[1
]}

Harmanci, Ali Emre ^{[1
]}

机构：

[1] Istanbul Tech Univ, Dept Comp Engn, TR-80626 Istanbul, Turkey

来源：

IET INFORMATION SECURITY | 2016年 / 10卷 / 04期

关键词：

formal verification; cloud computing; security of data; cloud compliant secure logging mechanism; security concerns; public write-only storage; bulletin board; secure logging protocol; model checking tools;

D O I：

10.1049/iet-ifs.2014.0625

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Security concerns are still retarding cloud adoption. While the research community work on clearing these concerns, an optimistic fair cloud compliant logging scheme may ease the cloud to spread. This study proposes a secure logging mechanism. The mechanism employs an online bulletin board as a public write-only storage for the log records. The bulletin board also acts as a trusted third party during conflict resolution. The secure logging protocol describes how the log records are distributed to the stakeholders. The protocol's security is verified with model checking tools and no security threats could be found.

引用

页码：203 / 214

页数：12

共 13 条

[1]

[Anonymous], IT CLOUD SERVICES 2

[2]

[Anonymous], 1997, Technical Report

[3]

Basin D., 2005, Int J Inf Secur, V4, P181, DOI DOI 10.1007/S10207-004-0055-7

[4]

Chong CN, 2003, INT FED INFO PROC, V122, P73

[5]

Di Ma, 2009, ACM Transaction on Storage, V5, DOI 10.1145/1502777.1502779

[6] ON THE SECURITY OF PUBLIC KEY PROTOCOLS [J].

DOLEV, D ;

YAO, AC .

IEEE TRANSACTIONS ON INFORMATION THEORY, 1983, 29 (02) :198-208

[7] The ASW Protocol Revisited: A Unified View [J].

Drielsma, Paul Hankes ;

Moedersheim, Sebastian .

ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2005, 125 (01) :145-161

[8]

Gens F., 2009, NEW IDC IT CLOUD SER

[9]

Lin F. J., 1987, Computer Communication Review, V17, P126, DOI 10.1145/55483.55496

[10] Secure Logging As a Service-Delegating Log Management to the Cloud [J].

Ray, Indrajit ;

Belyaev, Kirill ;

Strizhov, Mikhail ;

Mulamba, Dieudonne ;

Rajaram, Mariappan .

IEEE SYSTEMS JOURNAL, 2013, 7 (02) :323-334

← 1 2 →