More Web Proxy on the site http://driver.im/

research-article

EngraveChain: Tamper-proof distributed log system

Authors:

Louis Shekhtman,

Erez WaisbardAuthors Info & Claims

BlockSys '19: Proceedings of the 2nd Workshop on Blockchain-enabled Networked Sensor

Pages 8 - 14

https://doi.org/10.1145/3362744.3363346

Published: 10 November 2019 Publication History

Abstract

A reliable log system is a prerequisite for security applications. One of the first actions a hacker takes upon penetrating a system is altering the log files. Maintaining redundant copies in a distributed manner in a Byzantine setting has always been a challenging task, however it has recently become simpler given recent advances in blockchain technologies. In this work, we present a tamper-resistant log system through the use of a blockchain. We leverage the immutable write action and distributed storage provided by the blockchain and add an additional encryption layer to develop a secure log system. We assess the security and privacy aspects of our solution. Finally, we implement our system over Hyperledger Fabric and demonstrate the system's value for several use cases.

References

[1]

F. Angiulli, F. Fassetti, A. Furfaro, A. Piccolo, and D. Saccà. 2018. Achieving Service Accountability Through Blockchain and Digital Identity. In International Conference on Advanced Information Systems Engineering. Springer, 16--23.

[2]

L. Aniello, R. Baldoni, E. Gaetani, F. Lombardi, A. Margheri, and V. Sassone. 2017. A prototype evaluation of a tamper-resistant high performance blockchain-based transaction log for a distributed database. In European Dependable Computing Conference (EDCC). IEEE, 151--154.

[3]

M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway. 1998. Relations among notions of security for public-key encryption schemes. In Annual International Cryptology Conference. Springer, 26--45.

[4]

C. Cachin. 2016. Architecture of the Hyperledger blockchain fabric. In Workshop on Distributed Cryptocurrencies and Consensus Ledgers.

[5]

M. Castro, B. Liskov, and et al. 1999. Practical Byzantine fault tolerance. In OSDI, Vol. 99. 173--186.

Digital Library

[6]

J. Cucurull and J. Puiggali. 2016. Distributed immutabilization of secure logs. In Security and Trust Management. Springer, 122--137.

[7]

J. Daemenand V. Rijmen. 2013. The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media.

[8]

G. D'Angelo, S. Ferretti, and M. Marzolla. 2018. A Blockchain-based Flight Data Recorder for Cloud Accountability. In Workshop on Cryptocurrencies and Blockchains for Distributed Systems. ACM, 93--98.

[9]

General Data Protection Regulation. 2018. https://www.gdpr-info.eu/.

[10]

A. Frei and M. Rennhard. 2008. Histogram Matrix: Log File Visualization for Anomaly Detection. In 2008 Third International Conference on Availability, Reliability and Security. 610--617.

[11]

B. Gipp, J. Kosti, and C. Breitinger. 2016. Securing Video Integrity Using Decentralized Trusted Timestamping on the Bitcoin Blockchain. In MCIS. 51.

[12]

M. Goldstein, D. Raz, andI. Segall. 2017. Experience Report: Log-Based Behavioral Differencing. In 2017 IEEE 28th International Symposium on Software Reliability Engineering(ISSRE). 282--293.

[13]

J.E. Holt. 2006. Logcrypt: forward security and public verification for secure audit logs. In Proceedings of the 2006 Australasian Workshops on Grid computing and e-research. 203--211.

Digital Library

[14]

Hyperledger 2018. https://hyperledger-fabric-ca.readthedocs.io/.

[15]

Health Insurance Portability and Accountability Act. 2017. https://www.hhs.gov/hipaa/for-professionals/security/index.html.

[16]

E. Kokoris-Kogias, E.C. Alp, S.D. Siby, N. Gailly, L. Gasser, P. Jovanovic, E. Syta, and B. Ford. 2018. CALYPSO: Auditable Sharing of Private Data over Blockchains.

[17]

Y. Liang, Y. Zhang, A. Sivasubramaniam, M.Jette, and R. Sahoo. 2006. Bluegene/l failure analysis and prediction models. In International Conference on Dependable Systems and Networks, (DSN). IEEE, 425.

[18]

S. Möller, C. Perlov, W. Jackson, C. Taussig, and S.R. Forrest. 2003. A polymer/semiconductor write-once read-many-times memory. Nature 426, 6963 (2003), 166.

[19]

S. Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system.

[20]

Sagar Rane and Arati Dixit. 2019. BlockSLaaS: Blockchain Assisted Secure Logging-as-a-Service for Cloud Forensics. In International Conference on Security & Privacy. Springer, 77--88.

[21]

R.L. Rivest, A. Shamir, and L. Adleman. 1978. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 2 (1978), 120--126.

Digital Library

[22]

B. Schneier and J. Kelsey. 1998. Cryptographic Support for Secure Logs on Untrusted Machines. In USENIX Symposium, Vol. 98. 53--62.

[23]

B. Schneier and J. Kelsey. 1999. Secure audit logs to support computer forensics. ACM Transactions on Information and System Security (TISSEC) 2, 2 (1999), 159--176.

Digital Library

[24]

PCI Security Standards Council. 2019. https://www.pcisecuritystandards.org/.

[25]

C Simmons, D Jones, and L Simmons. 2011. A Framework and Demo for Preventing Anti-Computer Forensics. Issues in Information Systems 12, 1 (2011), 366--372.

[26]

F. Tian. 2016. An agri-food supply chain traceability system for China based on RFID & blockchain technology. In International Conference on Service Systems and Service Management (ICSSSM). IEEE, 1--6.

[27]

W-T. Tsai, E. Deng, X. Ding, and J. Li. 2018. Application of Blockchain to Trade Clearing. In 2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). IEEE, 154--163.

[28]

S. Underwood. 2016. Blockchain beyond bitcoin. Commun. ACM 59, 11 (2016), 15--17.

Digital Library

[29]

Shawn Wilkinson, Tome Boshevski, Josh Brandoff, and Vitalik Buterin. 2014. Storj a peer-to-peer cloud storage network. (2014).

[30]

Shams Zawoad, Amit Kumar Dutta, and Ragib Hasan. 2013. SecLaaS: secure logging-as-a-service for cloud forensics. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security. ACM, 219--230.

Digital Library

Cited By

Paulin DJoud RHennebert CMoëllic PFranco-Rondisson TJayles R(2023)HistoTrust: tracing AI behavior with secure hardware and blockchain technologyAnnals of Telecommunications10.1007/s12243-022-00943-678:7-8(413-427)Online publication date: 24-Jan-2023
https://doi.org/10.1007/s12243-022-00943-6
Silalahi SIjtihadie RAhmad TStudiawan H(2022)A Survey on Logging in Distributed System2022 1st International Conference on Information System & Information Technology (ICISIT)10.1109/ICISIT54091.2022.9873095(7-12)Online publication date: 27-Jul-2022
https://doi.org/10.1109/ICISIT54091.2022.9873095
Shekhtman LWaisbard E(2021)EngraveChain: A Blockchain-Based Tamper-Proof Distributed Log SystemFuture Internet10.3390/fi1306014313:6(143)Online publication date: 29-May-2021
https://doi.org/10.3390/fi13060143
Show More Cited By

Index Terms

EngraveChain: Tamper-proof distributed log system
1. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Distributed systems security

Recommendations

Decentralize transaction records of digital payment gateway using Ethereum Blockchain and Interplanetary File System
Abstract
This research proposes a system to store transaction records from a payment gateway based on digital payments by utilizing blockchain technology and Interplanetary File System (IPFS) as distributed storage. In digital payments, the possibility of ...
Blockchain and Cryptocurrency in Human Computer Interaction: A Systematic Literature Review and Research Agenda
DIS '22: Proceedings of the 2022 ACM Designing Interactive Systems Conference

We present a systematic literature review of cryptocurrency and blockchain research in Human-Computer Interaction (HCI) published between 2014 and 2021. We aim to provide an overview of the field, consolidate existing knowledge, and chart paths for ...
Collaborative Intrusion Detection System for Internet of Things Using Distributed Ledger Technology: A Survey on Challenges and Opportunities
Intelligent Information and Database Systems
Abstract
This review presents the current state-of-the-art of the Distributed Ledger Technology (DLT) model used in the Collaborative Intrusion Detection System (CIDS) for anomaly detection in Internet of Things (IoT) network. The distributed IoT ecosystem ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

BlockSys '19: Proceedings of the 2nd Workshop on Blockchain-enabled Networked Sensor

November 2019

35 pages

ISBN:9781450370127

DOI:10.1145/3362744

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 November 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

SenSys '19

Sponsor:

SenSys '19: The 17th ACM Conference on Embedded Networked Sensor Systems

November 10, 2019

NY, New York, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
191
Total Downloads

Downloads (Last 12 months)23
Downloads (Last 6 weeks)4

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Paulin DJoud RHennebert CMoëllic PFranco-Rondisson TJayles R(2023)HistoTrust: tracing AI behavior with secure hardware and blockchain technologyAnnals of Telecommunications10.1007/s12243-022-00943-678:7-8(413-427)Online publication date: 24-Jan-2023
https://doi.org/10.1007/s12243-022-00943-6
Silalahi SIjtihadie RAhmad TStudiawan H(2022)A Survey on Logging in Distributed System2022 1st International Conference on Information System & Information Technology (ICISIT)10.1109/ICISIT54091.2022.9873095(7-12)Online publication date: 27-Jul-2022
https://doi.org/10.1109/ICISIT54091.2022.9873095
Shekhtman LWaisbard E(2021)EngraveChain: A Blockchain-Based Tamper-Proof Distributed Log SystemFuture Internet10.3390/fi1306014313:6(143)Online publication date: 29-May-2021
https://doi.org/10.3390/fi13060143
Chiu MGoldsmith AKalabic U(2021)Blockchain for Embedded System Accountability2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)10.1109/ICBC51069.2021.9461143(1-5)Online publication date: 3-May-2021
https://doi.org/10.1109/ICBC51069.2021.9461143
Podili PKataoka K(2021)TRAQR: Trust aware End-to-End QoS routing in multi-domain SDN using BlockchainJournal of Network and Computer Applications10.1016/j.jnca.2021.103055182(103055)Online publication date: May-2021
https://doi.org/10.1016/j.jnca.2021.103055
Paulin DHennebert CFranco-Rondisson TJayles RLoubier TCollado R(2021)HistoTrust: Ethereum-Based Attestation of a Data History Built with OP-TEE and TPMFoundations and Practice of Security10.1007/978-3-031-08147-7_9(130-145)Online publication date: 7-Dec-2021
https://dl.acm.org/doi/10.1007/978-3-031-08147-7_9
Rakib MHossain SJahan MKabir U(2020)Towards Blockchain-Driven Network Log Management System2020 IEEE 8th International Conference on Smart City and Informatization (iSCI)10.1109/iSCI50694.2020.00019(73-80)Online publication date: Dec-2020
https://doi.org/10.1109/iSCI50694.2020.00019
Fang XAsghar M(2020)RevBloc: A Blockchain-Based Secure Customer Review System2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom50675.2020.00168(1250-1259)Online publication date: Dec-2020
https://doi.org/10.1109/TrustCom50675.2020.00168

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents