Design and formal verification of a cloud compliant secure logging mechanism

Sandıkkaya M. T. , Ovatman T., HARMANCI A. E.

IET INFORMATION SECURITY, vol.10, no.4, pp.203-214, 2016 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 10 Issue: 4
  • Publication Date: 2016
  • Doi Number: 10.1049/iet-ifs.2014.0625
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Page Numbers: pp.203-214
  • Keywords: formal verification, cloud computing, security of data, formal verification, cloud compliant secure logging mechanism, security concerns, public write-only storage, bulletin board, secure logging protocol, model checking tools
  • Istanbul Technical University Affiliated: Yes


Security concerns are still retarding cloud adoption. While the research community work on clearing these concerns, an optimistic fair cloud compliant logging scheme may ease the cloud to spread. This study proposes a secure logging mechanism. The mechanism employs an online bulletin board as a public write-only storage for the log records. The bulletin board also acts as a trusted third party during conflict resolution. The secure logging protocol describes how the log records are distributed to the stakeholders. The protocol's security is verified with model checking tools and no security threats could be found.