Secure logging framework integrating with cloud database

Abstract

Trustworthy logging mechanism is crucial to the process of system and application event auditing. Additionally, integrating cloud database in the logging system is a beneficial alternative because it can significantly reduce the cost of database deployment and maintenance. However, a log owner will lose the security control of log data if the data are stored in a cloud database. Attackers could thus use this weakness to falsify log data in a cloud database environment In this paper, we provide a secure logging framework integrating with the cloud database. Log auditors herein can use the public key to validate the integrity of log data. The secret key can be used to generate signatures of log and block data in this framework. We also provide an implementation for this framework and a performance evaluation of signing/verifying log data. Our study demonstrates a method to protect log data for log owners in the cloud database. Furthermore, the proposed secure logging framework can be easily deployed in a cloud computing environment.