Security log with integrity verification support

doi:10.16511/j.cnki.qhdxxb.2016.21.025

Download: PDF(1769 KB)
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract With the increasing complexity of the large data processing systems, Byzantine fault behavior caused by software bugs, misconfiguration or malicious intrusions can seriously affect system availability. Byzantine fault nodes can then cheat other correct nodes by equivocation behavior, so the equivocation behaviors can be detected to maintain system safety. This paper presents a security log with integrity verification support, Log-Keeper, which generates integrity proofs for existence and consistency verification. Frequent verification in a distributed environment uses an IndexTree-based Log-Keeper which supports O(lbn) proof. Tests show that the size of the integrity proofs generated by Log-Keeper is 25%~50% of that of the authenticated append-only skip list (AASL).

Keywords Byzantine fault detection integrity verification tamper evidence

ZTFLH:

TP393.08

Issue Date: 15 March 2016

	Service

	E-mail this article
	E-mail Alert
	RSS
	Articles by authors

	WANG Yongjian
	JIN Bo
	DONG Jian

Cite this article:

WANG Yongjian,JIN Bo,DONG Jian. Security log with integrity verification support[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(3): 237-245.

URL:

http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2016.21.025 OR http://jst.tsinghuajournals.com/EN/Y2016/V56/I3/237

[1] Keeney M, Kowalski E, Cappelli D, et al. Insider threat study:Computer system sabotage in critical infrastructure sectors[R]. Pittsburgh, PA, USA:Carnegie Mellon University, 2005.
[2] Chun B G, Maniatis P, Shenker S, et al. Attested append-only memory:Making adversaries stick to their word[J]. ACM SIGOPS Operating Systems Reviews, 2007, 41(6):189-204.
[3] Gil T, Muthitacharoen A, Morris R, et al. Ivy:A read/writepeer-to-peer file system[J]. Proc Fifth Symposium on Operating Systems Design and Implementation, 2002, 36(1):31-44.
[4] Abd-El-Malek M, Ganger G R, Goodson G R, et al. Fault-scalable Byzantine fault-tolerant services[J]. Proceedings of ACM Symposium on Operating Systems Principles, 2005, 39(5):59-74.
[5] Castro M, Liskov B. Practical byzantine fault tolerance and proactive recovery[J]. ACM Transactions on Computer Systems, 2002, 20(4):398-461.
[6] Kotla R, Clement A, Wong E, et al. Zyzzyva:Speculative byzantine fault tolerance[J]. Communications of the ACM, 2009, 27(11):86-95.
[7] 咸鹤群, 冯登国. 外包数据库模型中的完整性检测方案[J]. 计算机研究与发展, 2010, 47(6):1107-1115.Xian H, Feng D. An integrity checking scheme in outsourced database model[J]. Journal of Computer Research & Development, 2010, 47(6):1107-1115.
[8] Pavlou K E, Snodgrass R T. Forensic analysis of database tampering[C]//Proceedings of the 2006 ACM SIGMOD international conference on Management of data. New York, NY, USA:ACM, 2006:109-120.
[9] Maniatis P. Historic integrity in distributed systems[D]. Palo Alto, CA, USA:Stanford University, 2003.
[10] Bao Y, Wang Y, Luan Z, et al. IndexTree:An Efficient Tamper-Evidence Logging[C]//Proc 12th IEEE International Conference on High Performance Computing and Communications (HPCC 2010). Piscataway, NJ, USA:IEEE Press, 2010:701-706.
[11] Merkle R. C. Protocols for public key cryptosystems[C]//Proc IEEE Symposium on Security and Privacy. Piscataway, NJ, USA:IEEE Press, 1980:122-122.