Security audit logging in microservice-based systems: survey of architecture patterns

Barabanov, Alexander; Makrushin, Denis

doi:10.48550/arxiv.2102.09435

Cited by 2 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Audit logs are themselves a key target for an attacker who needs to erase any trace of their malicious activities; otherwise, they may get caught and then possibly prosecuted. The need for securing audit logging was raised already in different contexts, including hardware [3]; systems [4,5]; file systems [6]; databases [7]; secure logging protocols [8]; distributed systems [2,[10][11][12][13][14]; blockchain [1,[16][17][18][19][20]; and blockchain hardware [28], as well as many others. In this section, we describe some pieces of research in securing audit logging, with particular attention on distributed systems and cloud computing; we describe blockchain-based mechanisms later in the following subsection.…”

Section: Audit Based Systemsmentioning

confidence: 99%

“…Audit logs are used to keep track of important events about system activities and are a fundamental mechanism for digital forensics because they provide information about past and current events and hence, the path of states of a system [2]. The need for protecting logs from attackers was already stated by various researchers in different contexts, in the context of hardware [3]; systems [4,5]; file systems [6]; databases [7]; and secure logging protocols [8]. Companies are currently attracted to migrate to cloud computing services [9].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root

López-Pimentel

Morales-Rosales

Monroy

2021

Sensors

View full text Add to dashboard Cite

Logging system activities are required to provide credibility and confidence in the systems used by an organization. Logs in computer systems must be secured from the root user so that they are true and fair. This paper introduces RootLogChain, a blockchain-based audit mechanism that is built upon a security protocol to create both a root user in a blockchain network and the first log; from there, all root events are stored as logs within a standard blockchain mechanism. RootLogChain provides security constructs so as to be deployed in a distributed context over a hostile environment, such as the internet. We have developed a prototype based on a microservice architecture, validating it by executing different stress proofs in two scenarios: one with compliant agents and the other without. In such scenarios, several compliant and non-compliant agents try to become a root and register the events within the blockchain. Non-compliant agents simulate eavesdropper entities that do not follow the rules of the protocol. Our experiments show that the mechanism guarantees the creation of one and only one root user, integrity, and authenticity of the transactions; it also stores all events generated by the root within a blockchain. In addition, for audit issues, the traceability of the transaction logs can be consulted by the root.

show abstract

Section: Audit Based Systemsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root

López-Pimentel

Morales-Rosales

Monroy

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…"Ensuring" logs from improper users has been reviewed by many researchers in different areas, such as distributed systems [4,5], cloud computing [6,7], and services [8][9][10][11]. These system solutions have been developed to be adapted for TCP/IP internet infrastructures.…”

Section: Introductionmentioning

confidence: 99%

A Cloud Microservices Architecture for Data Integrity Verifiability Based on Blockchain

2022

View full text Add to dashboard Cite

The current digital age, mainly characterized by an economy based upon information technology, demands a data integrity service, even more so because organizations and companies are migrating their services over the cloud. This is not a simple task; it is cumbersome since traditional schemes in databases could be subject to modifications. However, it can be solved using blockchain technology. This paper provides a data integrity verifiability architecture for cloud systems based on blockchain. The architecture provides a mechanism to store events (as logs) within a blockchain platform from any cloud system. Users can then consult data integrity through a microservice, acting as an intermediate server that carries out a set of verification steps within the blockchain, which confirms the integrity of a previously stored log. Our architecture takes advantage of the blockchain strength concerning integrity, providing a traceability track of the stored logs. A prototype system and a case study were implemented based on the proposed architecture. Our experimental results show that the proposed decentralized architecture can be adapted to cloud existing systems that were born without blockchain technology and require a modular and scalable audit characteristic.

show abstract

Security audit logging in microservice-based systems: survey of architecture patterns

Cited by 2 publications

References 0 publications

RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root

RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root

A Cloud Microservices Architecture for Data Integrity Verifiability Based on Blockchain

Contact Info

Product

Resources

About