Browse > Article

Design and Analysis of the Log Authentication Mechanism based on the Merkle Tree  

Lee, Jung yeob (단국대학교/컴퓨터학과)
Park, Chang seop (단국대학교/컴퓨터학과)
Publication Information
Convergence Security Journal / v.17, no.1, 2017 , pp. 3-13 More about this Journal
Abstract
As security log plays important roles in various fields, the integrity of log data become more and more important. Especially, the stored log data is an immediate target of the intruder to erase his trace in the system penetrated. Several theoretical schemes to guarantee the forward secure integrity have been proposed, even though they cannot provide the integrity of the log data after the system is penetrated. Authentication tags of these methods are based on the linear-hash chain. In this case, it is difficult to run partial validation and to accelerate generating and validating authentication tags. In this paper, we propose a log authentication mechanism, based on Mekle Tree, which is easy to do partial validation and able to apply multi threading.
Keywords
Integrity; Log System; Merkle Tree; Audit Log; Forward Security;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Chuvakin, A., Schmidt, K., & Phillips, C. (2012). Logging and log management: the authoritative guide to understanding the concepts surrounding logging and log management. Newnes.
2 Malasri, K., & Wang, L. (2009). Securing wireless implantable devices for healthcare: Ideas and challenges. IEEE Communications Magazine, 47(7), 74-80.   DOI
3 Gerhards, R. (2009). The syslog protocol. RFC.5424
4 Bellare, M., & Yee, B. (1997). Forward integrity for secure audit logs (Vol. 184). Technical report, Computer Science and Engineering Department, University of California at San Diego.
5 Hsu, W. W., & Ong, S. (2007). WORM storage is not enough [Technical Forum]. IBM Systems Journal, 46(2), 363-369.   DOI
6 강석규, & 박창섭. (2015). 전방 안전성이 보장되는 로그 시스템 보안기법 비교분석. 융합보안논문지, 15(7), 85-96.
7 강석규, & 박창섭. (2015). 키 지연 노출에 기반을 둔 로그 전송을 고려한 로그 저장 기법. 융합보안논문지, 15(5), 37-45.
8 Schneier, B., & Kelsey, J. (1999). Secure audit logs to support computer forensics. ACM Transactions on Information and System Security (TISSEC), 2 (2), 159-176.   DOI
9 Ma, D. & Tsudik, G. (2007, May). Forward-secure sequential aggregate authentication. In 2007 IEEE Symposium on Security and Privacy (SP'07) (pp. 86-91). IEEE.
10 Ma, D. & Tsudik, G. (2009). A new approach to secure logging. ACM Transactions on Storage (TOS), 5(1), 2.
11 Merkle, R. C. (1989, August). A certified digital signature. In Conference on the Theory and Application of Cryptology (pp. 218-238). Springer New York.