Design and formal verification of a cloud compliant secure logging mechanism

Sandıkkaya M. T., Ovatman T., HARMANCI A. E.

IET INFORMATION SECURITY, cilt.10, sa.4, ss.203-214, 2016 (SCI-Expanded) identifier identifier

  • Yayın Türü: Makale / Tam Makale
  • Cilt numarası: 10 Sayı: 4
  • Basım Tarihi: 2016
  • Doi Numarası: 10.1049/iet-ifs.2014.0625
  • Dergi Adı: IET INFORMATION SECURITY
  • Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Sayfa Sayıları: ss.203-214
  • Anahtar Kelimeler: formal verification, cloud computing, security of data, formal verification, cloud compliant secure logging mechanism, security concerns, public write-only storage, bulletin board, secure logging protocol, model checking tools
  • İstanbul Teknik Üniversitesi Adresli: Evet

Özet

Security concerns are still retarding cloud adoption. While the research community work on clearing these concerns, an optimistic fair cloud compliant logging scheme may ease the cloud to spread. This study proposes a secure logging mechanism. The mechanism employs an online bulletin board as a public write-only storage for the log records. The bulletin board also acts as a trusted third party during conflict resolution. The secure logging protocol describes how the log records are distributed to the stakeholders. The protocol's security is verified with model checking tools and no security threats could be found.