The cuckoo's egg: tracking a spy through the maze of computer espionage
The cuckoo's egg: tracking a spy through the maze of computer espionage
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Distributing trust with the Rampart toolkit
Communications of the ACM
Remote auditing of software outputs using a trusted coprocessor
Future Generation Computer Systems - Special issue on smart cards
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Cryptography: Theory and Practice
Cryptography: Theory and Practice
Handbook of Applied Cryptography
Handbook of Applied Cryptography
How to Time-Stamp a Digital Document
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Robustness Principles for Public Key Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Automatic Event-Stream Notarization Using Digital Signatures
Proceedings of the International Workshop on Security Protocols
Protocol Interactions and the Chosen Protocol Attack
Proceedings of the 5th International Workshop on Security Protocols
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)
Fast Software Encryption, Cambridge Security Workshop
RIPEMD-160: A Strengthened Version of RIPEMD
Proceedings of the Third International Workshop on Fast Software Encryption
ACSAC '96 Proceedings of the 12th Annual Computer Security Applications Conference
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Cryptographic support for secure logs on untrusted machines
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Using Independent Auditors as Intrusion Detection Systems
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Providing Process Origin Information to Aid in Network Traceback
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Establishing the business value of network security using analytical hierarchy process
Creating business value with information technology
The session token protocol for forensics and traceback
ACM Transactions on Information and System Security (TISSEC)
Data protection and data sharing in telematics
Mobile Networks and Applications
Extending UNIX System Logging with SHARP
LISA '00 Proceedings of the 14th USENIX conference on System administration
Providing process origin information to aid in computer forensic investigations
Journal of Computer Security
Verifiable audit trails for a versioning file system
Proceedings of the 2005 ACM workshop on Storage security and survivability
Trust but verify: accountability for network services
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Forensic analysis of database tampering
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Personalization in privacy-aware highly dynamic systems
Communications of the ACM - Privacy and security in highly dynamic systems
Logcrypt: forward security and public verification for secure audit logs
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Storage-based intrusion detection: watching storage activity for suspicious behavior
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Analysis of Computer Intrusions Using Sequences of Function Calls
IEEE Transactions on Dependable and Secure Computing
Strong accountability for network storage
ACM Transactions on Storage (TOS)
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Extended RBAC-based design and implementation for a secure data warehouse
International Journal of Business Intelligence and Data Mining
Offline count-limited certificates
Proceedings of the 2008 ACM symposium on Applied computing
Practical forward secure sequential aggregate signatures
Proceedings of the 2008 ACM symposium on Information, computer and communications security
An authentication and validation mechanism for analyzing syslogs forensically
ACM SIGOPS Operating Systems Review
Computer forensics in forensis
ACM SIGOPS Operating Systems Review
Document logs: a distributed approach to metadata for better security and flexibility
Proceedings of the eighth ACM symposium on Document engineering
Forensic analysis of database tampering
ACM Transactions on Database Systems (TODS)
A New Approach to Secure Logging
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
SS'08 Proceedings of the 17th conference on Security symposium
VoteBox: a tamper-evident, verifiable electronic voting system
SS'08 Proceedings of the 17th conference on Security symposium
A new approach to secure logging
ACM Transactions on Storage (TOS)
The case of the fake Picasso: preventing history forgery with secure provenance
FAST '09 Proccedings of the 7th conference on File and storage technologies
Logging key assurance indicators in business processes
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Do You Know Where Your Data's Been? --- Tamper-Evident Database Provenance
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Preventing history forgery with secure provenance
ACM Transactions on Storage (TOS)
Privacy preserving multiparty multilevel DRM architecture
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Server-side detection of malware infection
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Tools and technology for computer forensics: research and development in Hong Kong
ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
A formal implementation of value commitment
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Liability in software engineering: overview of the LISE approach and illustration on a case study
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Super-efficient aggregating history-independent persistent authenticated dictionaries
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Document-centric XML workflows with fragment digital signatures
Software—Practice & Experience
E-voting and forensics: prying open the black box
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
Efficient data structures for tamper-evident logging
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Storage-Based Intrusion Detection
ACM Transactions on Information and System Security (TISSEC)
Building disclosure risk aware query optimizers for relational databases
Proceedings of the VLDB Endowment
Liability issues in software engineering: the use of formal methods to reduce legal uncertainties
Communications of the ACM
Efficient audit-based compliance for relational data retention
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Towards standards in digital forensics education
Proceedings of the 2010 ITiCSE working group reports
A formal framework for specifying and analyzing logs as electronic evidence
SBMF'10 Proceedings of the 13th Brazilian conference on Formal methods: foundations and applications
BBox: a distributed secure log architecture
EuroPKI'10 Proceedings of the 7th European conference on Public key infrastructures, services and applications
Purpose control: did you process the data for the intended purpose?
SDM'11 Proceedings of the 8th VLDB international conference on Secure data management
Trusted computing enhanced user authentication with OpenID and trustworthy user interface
International Journal of Internet Technology and Secured Transactions
Indexing information for data forensics
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Delegating secure logging in pervasive computing systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Sensor tricorder: what does that sensor know about me?
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
ACM Transactions on Information and System Security (TISSEC)
Forensic discovery auditing of digital evidence containers
Digital Investigation: The International Journal of Digital Forensics & Incident Response
A system for the proactive, continuous, and efficient collection of digital forensic evidence
Digital Investigation: The International Journal of Digital Forensics & Incident Response
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Auditing a database under retention policies
The VLDB Journal — The International Journal on Very Large Data Bases
SecLaaS: secure logging-as-a-service for cloud forensics
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
The TClouds platform: concept, architecture and instantiations
Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing
Privacy-preserving audit for broker-based health information exchange
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.02 |
In many real-world applications, sensitive information must be kept it log files on an untrusted machine. In the event that an attacker captures this machine, we would like to guarantee that he will gain little or no information from the log files and to limit his ability to corrupt the log files. We describe a computationally cheap method for making all log entries generated prior to the logging machine's compromise impossible for the attacker to read, and also impossible to modify or destroy undetectably.