CLASS: Cloud Log Assuring Soundness and Secrecy Scheme for Cloud Forensics

被引:17
作者
Ahsan, M. A. Manazir [1 ]
Wahab, Ainuddin Wahid Bin Abdul [1 ]
Bin Idris, Mohd Yamani Idna [1 ]
Khan, Suleman [2 ]
Bachura, Eric [3 ]
Choo, Kim-Kwang Raymond [3 ]
机构
[1] Univ Malaya, Fac Comp Sci & Informat Technol, Kuala Lumpur 50603, Malaysia
[2] Monash Univ, Sch Informat Technol, Bandar Sunway 47500, Malaysia
[3] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
来源
IEEE TRANSACTIONS ON SUSTAINABLE COMPUTING | 2021年 / 6卷 / 02期
关键词
Cloud computing; Forensics; Servers; Privacy; Public key; Cloud forensics; cloud log; cloud log assuring soundness and secrecy; cloud security; proof of past log; sustainable computing; SECURITY; FRAMEWORK;
D O I
10.1109/TSUSC.2018.2833502
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
User activity logs can be a valuable source of information in cloud forensic investigations; hence, ensuring the reliability and integrity of such logs is crucial. Most existing solutions for secure logging are designed for conventional systems rather than the complexity of a cloud environment. In this paper, we propose the Cloud Log Assuring Soundness and Secrecy (CLASS) process as an alternative scheme for the securing of logs in a cloud environment. In CLASS, logs are encrypted using the individual user's public key so that only the user is able to decrypt the content. In order to prevent unauthorized modification of the log, we generate proof of past log (PPL) using Rabin's fingerprint and Bloom filter. Such an approach reduces verification time significantly. Findings from our experiments deploying CLASS in OpenStack demonstrate the utility of CLASS in a real-world context.
引用
收藏
页码:184 / 196
页数:13
相关论文
共 39 条
[1]   Forensic-by-Design Framework for Cyber-Physical Cloud Systems [J].
Ab Rahman, Nurul Hidayah ;
Glisson, William Bradley ;
Yang, Yanjiang ;
Choo, Kim-Kwang Raymond .
IEEE CLOUD COMPUTING, 2016, 3 (01) :50-59
[2]   A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification [J].
Alam, Quratulain ;
Malik, Saif U. R. ;
Akhunzada, Adnan ;
Choo, Kim-Kwang Raymond ;
Tabbasum, Saher ;
Alam, Masoom .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2017, 12 (06) :1259-1268
[3]  
[Anonymous], 1999, ACM Trans. Inf. Syst. Secur.
[4]  
[Anonymous], 2017, OPENSTACK INSTALLATI
[5]  
[Anonymous], 1981, FINGERPRINTING RANDO
[6]  
Bellare M, 1997, FORWARD INTEGRITY SE, V184
[7]  
Blakley GR, 1979, P AFIPS NEW YORK NY, P313, DOI DOI 10.1109/MARK.1979.8817296
[8]   Cloud forensics: State-of-the-art and future directions [J].
Choo, Kim-Kwang Raymond ;
Herman, Martin ;
Iorga, Michaela ;
Martini, Ben .
DIGITAL INVESTIGATION, 2016, 18 :77-78
[9]  
Di Ma, 2009, ACM Transaction on Storage, V5, DOI 10.1145/1502777.1502779
[10]   Challenges of Connecting Edge and Cloud Computing: A Security and Forensic Perspective [J].
Esposito, Christian ;
Castiglione, Aniello ;
Pop, Florin ;
Choo, Kim-Kwang Raymond .
IEEE CLOUD COMPUTING, 2017, 4 (02) :13-17