TY - JOUR
T1 - CLASS: Cloud Log Assuring Soundness and Secrecy Scheme for Cloud Forensics
AU - Ahsan, M A Manazir
AU - Wahid Abdul Wahab, Ainuddin
AU - Idna Idris, Mohd. Yamani
AU - Khan, Suleman
AU - Bachura, Eric
AU - Raymond Choo, Kim-Kwang
PY - 2021/4/1
Y1 - 2021/4/1
N2 - User activity logs can be a valuable source of information in cloud forensic investigations; hence, ensuring the reliability and integrity of such logs is crucial. Most existing solutions for secure logging are designed for conventional systems rather than the complexity of a cloud environment. In this paper, we propose the Cloud Log Assuring Soundness and Secrecy (CLASS) process as an alternative scheme for the securing of logs in a cloud environment. In CLASS, logs are encrypted using the individual user's public key so that only the user is able to decrypt the content. In order to prevent unauthorized modification of the log, we generate proof of past log (PPL) using Rabin's fingerprint and Bloom filter. Such an approach reduces verification time significantly. Findings from our experiments deploying CLASS in OpenStack demonstrate the utility of CLASS in a real-world context.
AB - User activity logs can be a valuable source of information in cloud forensic investigations; hence, ensuring the reliability and integrity of such logs is crucial. Most existing solutions for secure logging are designed for conventional systems rather than the complexity of a cloud environment. In this paper, we propose the Cloud Log Assuring Soundness and Secrecy (CLASS) process as an alternative scheme for the securing of logs in a cloud environment. In CLASS, logs are encrypted using the individual user's public key so that only the user is able to decrypt the content. In order to prevent unauthorized modification of the log, we generate proof of past log (PPL) using Rabin's fingerprint and Bloom filter. Such an approach reduces verification time significantly. Findings from our experiments deploying CLASS in OpenStack demonstrate the utility of CLASS in a real-world context.
KW - Cloud forensics
KW - Cloud log
KW - Cloud log assuring soundness and secrecy
KW - Cloud security
KW - Proof of past log
KW - Sustainable computing
U2 - 10.1109/tsusc.2018.2833502
DO - 10.1109/tsusc.2018.2833502
M3 - Article
VL - 6
SP - 184
EP - 196
JO - IEEE Transactions on Sustainable Computing
JF - IEEE Transactions on Sustainable Computing
SN - 2377-3782
IS - 2
ER -