Year of Publication: 2014
Page Numbers: 80-87
Authors: Takashi Shitamichi, Ryoichi Sasaki
Conference Name: The International Conference on Information Security and Cyber Forensics (InfoSec2014) - Malaysia


Internet services of numerous types are widely deployed at countless sites in today’s worldwide computing environment, and the service logs they produce are important for assuring that such systems work correctly. When the owners of such logs are auditors or system managers, it has been thought that, from the standpoint of manageability, it is better to accumulate logs at one site rather than at multiple sites. However, when the owner of a log generated by an application service is a system user, he or she might want to choose among the available log archival sites. Furthermore, there are often cases in which a service site is located far away from the log archival site. It should also be mentioned that if the sites providing services do so in a cloud computing environment, a secure messaging method between the service and log archival sites is particularly necessary. In this paper, we define a “user centric log archival architecture” concept, examine related works and technical specifications, and propose a new trusted model via both abstract and practical methods. By extending the Simple Object Access Protocol (SOAP) based Security Assertion Markup Language (SAML), and using SAML assertions, we show how log messages can be exchanged with confidentiality, integrity, and availability before they are written securely to storage devices.