A secure and auditable logging infrastructure based on a permissioned blockchain

• Published in: Computers & security Vol. 87; p. 101602
• Main Authors: Putz, Benedikt, Menges, Florian, Pernul, Günther
• Format: Journal Article
• Language: English
• Published: Amsterdam Elsevier Ltd 01.11.2019; Elsevier Sequoia S.A
• Subjects: Blockchain; Cryptography; Cybersecurity; Data integrity; Digital forensics; Hardware; Infrastructure; Log auditing; Log management; Performance evaluation; Permissioned blockchain; Secure logging; Source code; Trusted third parties; Log management; Secure logging; Permissioned blockchain; Digital forensics; Log auditing
• ISSN: 0167-4048; 1872-6208
• DOI: 10.1016/j.cose.2019.101602

Information systems in organizations are regularly subject to cyber attacks targeting confidential data or threatening the availability of the infrastructure. In case of a successful attack it is crucial to maintain integrity of the evidence for later use in court. Existing solutions to preserve integrity of log records remain cost-intensive or hard to implement in practice. In this work we present a new infrastructure for log integrity preservation which does not depend upon trusted third parties or specialized hardware. The system uses a blockchain to store non-repudiable proofs of existence for all generated log records. An open-source prototype of the resulting log auditing service is developed and deployed, followed by a security and performance evaluation. The infrastructure represents a novel software-based solution to the secure logging problem, which unlike existing approaches does not rely on specialized hardware, trusted third parties or modifications to the logging source.