Creating an Immutable Database for Secure Cloud Audit Trail and System Logging

Robert Anderson Keith Duncan, Mark Whittington

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.
Original language: English
Title of host publication: Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece
Place of Publication: Athens, Greece
Publisher: IARIA
Pages: 54-59
Number of pages: 6
ISBN (Print): 978-1-61208-529-6
Publication status: Published - 20 Feb 2017
Event: Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece - Novotel Athens Hotel, Athens, Greece
Duration: 19 Feb 2017 - 23 Mar 2017
http://www.iaria.org/conferences2017/ProgramCLOUDCOMPUTING17.html

Publication series

Name
ISSN (Print): 2308-4294

Conference

Conference: Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece
Abbreviated title: Cloud Computing
Country: Greece
City: Athens
Period: 19/02/17 - 23/03/17

Keywords

  • Cloud security and privacy
  • immutable database
  • forensic trail

Cite this

Duncan, R. A. K., & Whittington, M. (2017). Creating an Immutable Database for Secure Cloud Audit Trail and System Logging. In Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece (pp. 54-59). [28009] Athens, Greece: IARIA.

@inproceedings{e0272966490d4bf186a1b9763eab1566,
title = "Creating an Immutable Database for Secure Cloud Audit Trail and System Logging",
abstract = "Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.",
keywords = "Cloud security and privacy, immutable database, forensic trail",
author = "Duncan, {Robert Anderson Keith} and Mark Whittington",
note = "Archived in the free access ThinkMind(TM) Digital Library, not CC",
year = "2017",
month = "2",
day = "20",
language = "English",
isbn = "978-1-61208-529-6",
publisher = "IARIA",
pages = "54--59",
booktitle = "Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece",

}
