A Framework for Secure and Verifiable Logging in Public Communication Networks
In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure...
Gespeichert in:
Hauptverfasser: | , , |
---|---|
Format: | Tagungsbericht |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
container_end_page | 284 |
---|---|
container_issue | |
container_start_page | 273 |
container_title | |
container_volume | |
creator | Stathopoulos, Vassilios Kotzanikolaou, Panayiotis Magkos, Emmanouil |
description | In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure logging in public communication networks as well as realistic implementations designs, which are more resilient to the identified security threats. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to verify the integrity of the log files. |
doi_str_mv | 10.1007/11962977_22 |
format | Conference Proceeding |
fullrecord | <record><control><sourceid>pascalfrancis_sprin</sourceid><recordid>TN_cdi_pascalfrancis_primary_20039508</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>20039508</sourcerecordid><originalsourceid>FETCH-LOGICAL-p219t-42e49b3b23f63dd343762e1e19f5b6dceea18df5db6cc0b4455bac0b8ee39863</originalsourceid><addsrcrecordid>eNpNUEtLAzEYjC-w1p78A7l48LCa5MtmN8dSrAqlChavS5L9dondR0m2iP_eLVVwLjMww8AMITec3XPGsgfOtRI6ywohTsgVpJIpzXLJTsmEK84TAKnPyExn-Z8H4pxMGDCR6EzCJZnF-MlGAM-YgglZz-kymBa_-rClVR_oO7p9QGq6kn5g8JU3tkG66uvadzX1HX3b28Y7uujbdt95Zwbfd3SNw6EhXpOLyjQRZ788JZvl42bxnKxen14W81WyE1wPiRQotQUroFJQliAhUwI5cl2lVpUO0fC8rNLSKueYlTJNrRlFjgg6VzAlt8fanYnONFUwnfOx2AXfmvBdiHGfTsfxU3J3zMXR6moMhe37bSw4Kw5_Fv_-hB8m9WJ8</addsrcrecordid><sourcetype>Index Database</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A Framework for Secure and Verifiable Logging in Public Communication Networks</title><source>Springer Books</source><creator>Stathopoulos, Vassilios ; Kotzanikolaou, Panayiotis ; Magkos, Emmanouil</creator><contributor>Lopez, Javier</contributor><creatorcontrib>Stathopoulos, Vassilios ; Kotzanikolaou, Panayiotis ; Magkos, Emmanouil ; Lopez, Javier</creatorcontrib><description>In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure logging in public communication networks as well as realistic implementations designs, which are more resilient to the identified security threats. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to verify the integrity of the log files.</description><identifier>ISSN: 0302-9743</identifier><identifier>ISBN: 9783540690832</identifier><identifier>ISBN: 3540690832</identifier><identifier>EISSN: 1611-3349</identifier><identifier>EISBN: 3540690840</identifier><identifier>EISBN: 9783540690849</identifier><identifier>DOI: 10.1007/11962977_22</identifier><language>eng</language><publisher>Berlin, Heidelberg: Springer Berlin Heidelberg</publisher><subject>Applied sciences ; Computer science; control theory; systems ; Computer systems and distributed systems. User interface ; Exact sciences and technology ; Information systems. Data bases ; Lawful Interception ; Memory and file management (including protection and security) ; Memory organisation. Data processing ; Password Management ; Security Incident ; Security Measure ; Software ; Threat Model</subject><ispartof>Critical Information Infrastructures Security, 2006, p.273-284</ispartof><rights>Springer-Verlag Berlin Heidelberg 2006</rights><rights>2008 INIST-CNRS</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/11962977_22$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/11962977_22$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>309,310,775,776,780,785,786,789,4036,4037,27902,38232,41418,42487</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=20039508$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><contributor>Lopez, Javier</contributor><creatorcontrib>Stathopoulos, Vassilios</creatorcontrib><creatorcontrib>Kotzanikolaou, Panayiotis</creatorcontrib><creatorcontrib>Magkos, Emmanouil</creatorcontrib><title>A Framework for Secure and Verifiable Logging in Public Communication Networks</title><title>Critical Information Infrastructures Security</title><description>In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure logging in public communication networks as well as realistic implementations designs, which are more resilient to the identified security threats. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to verify the integrity of the log files.</description><subject>Applied sciences</subject><subject>Computer science; control theory; systems</subject><subject>Computer systems and distributed systems. User interface</subject><subject>Exact sciences and technology</subject><subject>Information systems. Data bases</subject><subject>Lawful Interception</subject><subject>Memory and file management (including protection and security)</subject><subject>Memory organisation. Data processing</subject><subject>Password Management</subject><subject>Security Incident</subject><subject>Security Measure</subject><subject>Software</subject><subject>Threat Model</subject><issn>0302-9743</issn><issn>1611-3349</issn><isbn>9783540690832</isbn><isbn>3540690832</isbn><isbn>3540690840</isbn><isbn>9783540690849</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2006</creationdate><recordtype>conference_proceeding</recordtype><recordid>eNpNUEtLAzEYjC-w1p78A7l48LCa5MtmN8dSrAqlChavS5L9dondR0m2iP_eLVVwLjMww8AMITec3XPGsgfOtRI6ywohTsgVpJIpzXLJTsmEK84TAKnPyExn-Z8H4pxMGDCR6EzCJZnF-MlGAM-YgglZz-kymBa_-rClVR_oO7p9QGq6kn5g8JU3tkG66uvadzX1HX3b28Y7uujbdt95Zwbfd3SNw6EhXpOLyjQRZ788JZvl42bxnKxen14W81WyE1wPiRQotQUroFJQliAhUwI5cl2lVpUO0fC8rNLSKueYlTJNrRlFjgg6VzAlt8fanYnONFUwnfOx2AXfmvBdiHGfTsfxU3J3zMXR6moMhe37bSw4Kw5_Fv_-hB8m9WJ8</recordid><startdate>2006</startdate><enddate>2006</enddate><creator>Stathopoulos, Vassilios</creator><creator>Kotzanikolaou, Panayiotis</creator><creator>Magkos, Emmanouil</creator><general>Springer Berlin Heidelberg</general><general>Springer</general><scope>IQODW</scope></search><sort><creationdate>2006</creationdate><title>A Framework for Secure and Verifiable Logging in Public Communication Networks</title><author>Stathopoulos, Vassilios ; Kotzanikolaou, Panayiotis ; Magkos, Emmanouil</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-p219t-42e49b3b23f63dd343762e1e19f5b6dceea18df5db6cc0b4455bac0b8ee39863</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2006</creationdate><topic>Applied sciences</topic><topic>Computer science; control theory; systems</topic><topic>Computer systems and distributed systems. User interface</topic><topic>Exact sciences and technology</topic><topic>Information systems. Data bases</topic><topic>Lawful Interception</topic><topic>Memory and file management (including protection and security)</topic><topic>Memory organisation. Data processing</topic><topic>Password Management</topic><topic>Security Incident</topic><topic>Security Measure</topic><topic>Software</topic><topic>Threat Model</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Stathopoulos, Vassilios</creatorcontrib><creatorcontrib>Kotzanikolaou, Panayiotis</creatorcontrib><creatorcontrib>Magkos, Emmanouil</creatorcontrib><collection>Pascal-Francis</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Stathopoulos, Vassilios</au><au>Kotzanikolaou, Panayiotis</au><au>Magkos, Emmanouil</au><au>Lopez, Javier</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A Framework for Secure and Verifiable Logging in Public Communication Networks</atitle><btitle>Critical Information Infrastructures Security</btitle><date>2006</date><risdate>2006</risdate><spage>273</spage><epage>284</epage><pages>273-284</pages><issn>0302-9743</issn><eissn>1611-3349</eissn><isbn>9783540690832</isbn><isbn>3540690832</isbn><eisbn>3540690840</eisbn><eisbn>9783540690849</eisbn><abstract>In this paper we are focusing on secure logging for public network providers. We review existing security threat models against system logging and we extend these to a new threat model especially suited in the environment of telecommunication network providers. We also propose a framework for secure logging in public communication networks as well as realistic implementations designs, which are more resilient to the identified security threats. A key role to the proposed framework is given to an independent Regulatory Authority, which is responsible to verify the integrity of the log files.</abstract><cop>Berlin, Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/11962977_22</doi><tpages>12</tpages></addata></record> |
fulltext | fulltext |
identifier | ISSN: 0302-9743 |
ispartof | Critical Information Infrastructures Security, 2006, p.273-284 |
issn | 0302-9743 1611-3349 |
language | eng |
recordid | cdi_pascalfrancis_primary_20039508 |
source | Springer Books |
subjects | Applied sciences Computer science control theory systems Computer systems and distributed systems. User interface Exact sciences and technology Information systems. Data bases Lawful Interception Memory and file management (including protection and security) Memory organisation. Data processing Password Management Security Incident Security Measure Software Threat Model |
title | A Framework for Secure and Verifiable Logging in Public Communication Networks |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T16%3A00%3A40IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20Framework%20for%20Secure%20and%20Verifiable%20Logging%20in%20Public%20Communication%20Networks&rft.btitle=Critical%20Information%20Infrastructures%20Security&rft.au=Stathopoulos,%20Vassilios&rft.date=2006&rft.spage=273&rft.epage=284&rft.pages=273-284&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=9783540690832&rft.isbn_list=3540690832&rft_id=info:doi/10.1007/11962977_22&rft_dat=%3Cpascalfrancis_sprin%3E20039508%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=3540690840&rft.eisbn_list=9783540690849&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |