Secure Audit Log Management
2013 (English). In: Procedia Computer Science, ISSN 1877-0509, E-ISSN 1877-0509, Vol. 22, 1249-1258 p. Article in journal (Refereed), Published
Log management and analysis is a vital part of an organization's network management and system administration. Logs indicate the current status of the system and contain information about the different security events that occur within the system. Logs are used for different purposes, such as recording user activities and tracking authentication attempts and other security events. Due to the increasing number of threats against networks and systems, the number of security logs increases. However, many organizations that work in a distributed environment face the following problems: log generation and storage, log protection, and log analysis. Moreover, ensuring that security, system and network administrators analyze log data in an effective way is another issue. In this research, we propose an approach for receiving, storing and administering audit log events. Furthermore, we present a solution design that allows organizations in distributed environments to securely send audit log transactions from different local networks to one centralized server.
Place, publisher, year, edition, pages: 2013. Vol. 22, 1249-1258 p.
Keywords: Secure Log Management, Log Analysis, Log Server, Audit Log Event
Research subject: Computer and Systems Sciences
Identifiers: URN: urn:nbn:se:su:diva-97232; DOI: 10.1016/j.procs.2013.09.212; OAI: oai:DiVA.org:su-97232; DiVA: diva2:676276
Conference: KES 2013, 17th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems, 9 - 11 September 2013, Kitakyushu, Japan