Creating an Immutable Database for Secure Cloud Audit Trail and System Logging

Robert Anderson Keith Duncan; Mark Whittington

Creating an Immutable Database for Secure Cloud Audit Trail and System Logging

Robert Anderson Keith Duncan, Mark Whittington

Research output: Chapter in Book/Report/Conference proceeding › Published conference contribution

6 Downloads (Pure)

Abstract

Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.

Original language	English
Title of host publication	Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece
Place of Publication	Athens, Greece
Publisher	IARIA
Pages	54-59
Number of pages	6
ISBN (Print)	978-1-61208-529-6
Publication status	Published - 20 Feb 2017
Event	Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece - Novotel Athens Hotel, Athens, Greece Duration: 19 Feb 2017 → 23 Mar 2017 http://www.iaria.org/conferences2017/ProgramCLOUDCOMPUTING17.html

Publication series

Name
ISSN (Print)	2308-4294

Conference

Conference	Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece
Abbreviated title	Cloud Computing
Country/Territory	Greece
City	Athens
Period	19/02/17 → 23/03/17
Internet address	http://www.iaria.org/conferences2017/ProgramCLOUDCOMPUTING17.html

Bibliographical note

Archived in the free access ThinkMindTM Digital Library, not CC

Keywords

Cloud security and privacy
immutable database
forensic trail

Cite this

Creating an Immutable Database for Secure Cloud Audit Trail and System Logging. / Duncan, Robert Anderson Keith; Whittington, Mark.
Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece . Athens, Greece: IARIA, 2017. p. 54-59 28009.

Research output: Chapter in Book/Report/Conference proceeding › Published conference contribution

Duncan, RAK & Whittington, M 2017, Creating an Immutable Database for Secure Cloud Audit Trail and System Logging. in Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece ., 28009, IARIA, Athens, Greece, pp. 54-59, Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece , Athens, Greece, 19/02/17.

@inproceedings{e0272966490d4bf186a1b9763eab1566,

title = "Creating an Immutable Database for Secure Cloud Audit Trail and System Logging",

abstract = "Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.",

keywords = "Cloud security and privacy, immutable database, forensic trail",

author = "Duncan, {Robert Anderson Keith} and Mark Whittington",

note = "Archived in the free access ThinkMindTM Digital Library, not CC; Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece , Cloud Computing ; Conference date: 19-02-2017 Through 23-03-2017",

year = "2017",

month = feb,

day = "20",

language = "English",

isbn = "978-1-61208-529-6",

publisher = "IARIA",

pages = "54--59",

booktitle = "Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece",

url = "http://www.iaria.org/conferences2017/ProgramCLOUDCOMPUTING17.html",

}

TY - GEN

T1 - Creating an Immutable Database for Secure Cloud Audit Trail and System Logging

AU - Duncan, Robert Anderson Keith

AU - Whittington, Mark

N1 - Archived in the free access ThinkMindTM Digital Library, not CC

PY - 2017/2/20

Y1 - 2017/2/20

N2 - Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.

AB - Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.

KW - Cloud security and privacy

KW - immutable database

KW - forensic trail

M3 - Published conference contribution

SN - 978-1-61208-529-6

SP - 54

EP - 59

BT - Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece

PB - IARIA

CY - Athens, Greece

T2 - Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece

Y2 - 19 February 2017 through 23 March 2017

ER -

Creating an Immutable Database for Secure Cloud Audit Trail and System Logging

Abstract

Publication series

Conference

Bibliographical note

Keywords

Fingerprint

Cite this