I have an application that runs on some host machine and generates logs. Later i

Question

I have an application that runs on some host machine and generates logs. Later in the day those logs are securely transmitted to my machine.

The problem is that while the logs are being generated I dont have any access to the host machine whereas some users have full access to it and may want to forge the logs to their benefit. Is there a way to detect (or better yet prevent) such forgeries.

The log generating application may be modified to encrypt or insert MACs in the logs but encrypting/signing keys have to be on the same machine. Given that the malicious users may also have access to source code of the application, how do I go about protecting those keys? Or are there other better techniques to tackle this scenario.

Explanation / Answer

If you run a service on a machine you don't trust, it will only generate results you cannot trust.

Even if you authenticate the logs somehow, they can change the log anyway, because they have access to the sourcecode. I assume you use some interpreted language (PHP, Python, Ruby) on the application.

One way to have secure logs is to send the entries offsite as soon as they are generated. Write the logs on a local file, but at the same time send them to your trusted server. A web service will be nice.

It won't prevent the malicious users to forge log entries and send it to you, but will make impossible to them to change the logs on your trusted server. If you send the logs using SSL, they cannot change the logs on-fly.

Later you can compare the consolidated received logs and the logs sent by the web service to see if they match.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.