Trusted Logging for Grid Computing
The rise of many kinds of grid systems, and associated security threats, makes very necessary the provision of trustworthy services for audit and logging. However, existing solutions tend to put little emphasis on the security of logging. We present a number of use cases where the logs have security...
Main Authors: | Huh, J; Martin, A; Soc, I |
---|---|
Format: | Conference item |
Published: | 2008 |
_version_ | 1797065318630162432 |
---|---|
author | Huh, J; Martin, A; Soc, I |
collection | OXFORD |
description | The rise of many kinds of grid systems, and associated security threats, makes very necessary the provision of trustworthy services for audit and logging. However, existing solutions tend to put little emphasis on the security of logging. We present a number of use cases where the logs have security properties in their own rights, and so the logs themselves are highly privileged: hence, these need to be integrity and confidentiality protected while being generated, accessed, reconciled and analysed with distributed services spanning across multiple administrative domains. We derive a common set of secure logging requirements to address the security gaps which exist between these use cases and existing solutions. From the requirements, we propose a novel logging architecture for the grid based on Virtual Machine (VM) isolation and trusted computing capabilities: a small number of privileged driver VMs trigger all trusted logging requests and forward them to the secure logging service running within the log security manager. The logging service verifies the integrity of the log data and the security configurations of these driver VMs (log generators) before storing the logs. © 2008 IEEE. |
first_indexed | 2024-03-06T21:26:57Z |
format | Conference item |
id | oxford-uuid:436d2318-7311-413c-a0a0-850295695386 |
institution | University of Oxford |
last_indexed | 2024-03-06T21:26:57Z |
publishDate | 2008 |
record_format | dspace |
title | Trusted Logging for Grid Computing |