Design and formal verification of a cloud compliant secure logging mechanism


Sandıkkaya M. T. , Ovatman T. , HARMANCI A. E.

IET INFORMATION SECURITY, vol.10, no.4, pp.203-214, 2016 (Journal Indexed in SCI) identifier identifier

  • Publication Type: Article / Article
  • Volume: 10 Issue: 4
  • Publication Date: 2016
  • Doi Number: 10.1049/iet-ifs.2014.0625
  • Title of Journal : IET INFORMATION SECURITY
  • Page Numbers: pp.203-214
  • Keywords: formal verification, cloud computing, security of data, formal verification, cloud compliant secure logging mechanism, security concerns, public write-only storage, bulletin board, secure logging protocol, model checking tools

Abstract

Security concerns are still retarding cloud adoption. While the research community work on clearing these concerns, an optimistic fair cloud compliant logging scheme may ease the cloud to spread. This study proposes a secure logging mechanism. The mechanism employs an online bulletin board as a public write-only storage for the log records. The bulletin board also acts as a trusted third party during conflict resolution. The secure logging protocol describes how the log records are distributed to the stakeholders. The protocol's security is verified with model checking tools and no security threats could be found.