Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Improving Integrity Assurances of Log Entries From the Perspective of Intermittently Disconnected Devices
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.
2014 (engelsk)OppgaveAlternativ tittel
Förbättring av integritetsförsäkring av loggar sett från tillfälligt bortkopplade enheter (svensk)
Abstract [en]

It is common today in large corporate environments for system administrators to employ centralized systems for log collection and analysis. The log data can come from any device between smart-phones and large scale server clusters. During an investigation of a system failure or suspected intrusion these logs may contain vital information. However, the trustworthiness of this log data must be confirmed. The objective of this thesis is to evaluate the state of the art and provide practical solutions and suggestions in the field of secure logging. In this thesis we focus on solutions that do not require a persistent connection to a central log management system. To this end a prototype logging framework was developed including client, server and verification applications. The client employs different techniques of signing log entries. The focus of this thesis is to evaluate each signing technique from both a security and performance perspective. This thesis evaluates "Traditional RSA-signing", "Traditional Hash-chains"', "Itkis-Reyzin's asymmetric FSS scheme" and "RSA signing and tick-stamping with TPM", the latter being a novel technique developed by us. In our evaluations we recognized the inability of the evaluated techniques to detect so called `truncation-attacks', therefore a truncation detection module was also developed which can be used independent of and side-by-side with any signing technique. In this thesis we conclude that our novel Trusted Platform Module technique has the most to offer in terms of log security, however it does introduce a hardware dependency on the TPM. We have also shown that the truncation detection technique can be used to assure an external verifier of the number of log entries that has at least passed through the log client software.

sted, utgiver, år, opplag, sider
2014. , s. 62
Emneord [en]
Secure logging, forward security, TPM, digital signature
HSV kategori
Identifikatorer
URN: urn:nbn:se:bth-3994Lokal ID: oai:bth.se:arkivex950FE85ABF96F623C1257D0E005EEF31OAI: oai:DiVA.org:bth-3994DiVA, id: diva2:831312
Utdanningsprogram
DVACD Master of Science in Computer Security
Uppsök
Technology
Veileder
Tilgjengelig fra: 2015-04-22 Laget: 2014-07-07 Sist oppdatert: 2018-01-11bibliografisk kontrollert

Open Access i DiVA

fulltekst(638 kB)379 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 638 kBChecksum SHA-512
bc1f64f4bd9688b1cc1c64603cffd756550471d611537def0249416b1cfab5cc12b274baa947985cb334a675bafce1b9e50dd1478c1e976bf7d69c9a08c1344d
Type fulltextMimetype application/pdf

Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 379 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 598 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf