Presentation is loading. Please wait.

Presentation is loading. Please wait.

Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.

Similar presentations


Presentation on theme: "Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters."— Presentation transcript:

1 Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters

2 Audit Logs Employed on most server systems –Web logs –Database logs Provide invaluable access to past activity –Hold users accountable for their actions –Diagnostics

3 Desirable Characteristics Tamper Resistant Verifiable –Can check that entries are present and have not been altered Data Access Control –Entries may be sensitive to individuals or log owner Searchability –Search for log on specific criteria –e.g keyword search

4 Desirable Characteristics Tamper Resistant Verifiable –Can check that entries are present and have not been altered Data Access Control –Entries may be sensitive to individuals or log owner Searchability –Search for log on specific criteria –e.g keyword search

5 An Audit Log for a Database System user: Alice Smith keyword: cars keyword: make keyword: ford time: 2003/08/26 23:34:24 authenticationclockkeyword extraction “select * from cars where make=‘ford’” database audit record creation keywords for audit record log storage (untrusted)

6 Requirements Data Access Control –Entries must be encrypted on untrusted storage –Forward security in case auditing device becomes compromised  asymmetric encryption –Limit scope of data released to that of the search Searchability –Be able to efficiently retrieve entries based on certain criteria –We focus on keyword search

7 A Simple Solution Encrypt all entries with a public key Auditor downloads all entries, then decrypts them, then performs the search

8 A Simple Solution Encrypt all entries with a public key Auditor downloads all entries, then decrypts them, then performs the search Disadvantages Auditor sees all entries and regardless of what search criteria was All entries must be transmitted from server

9 audit record Delegating Search Capabilities investigatoraudit escrow agent master secret “user: Alice Smith” capability for search investigator audit log capability for search audit record … 1 2 The investigator submits the capability to the audit log and receives only entries that the capability matches. The investigator requests a capability to search for all entries that were made by the user Alice.

10 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document

11 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Encrypted Data Keywords must not be in the clear!

12 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document audit escrow agent master secret Encrypted Data

13 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Honda Search Capability master secret Encrypted Data audit escrow agent

14 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Honda Search Capability master secret Encrypted Data audit escrow agent

15 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Honda Search Capability master secret Encrypted Data No information is learned audit escrow agent

16 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document master secret Encrypted Data audit escrow agent

17 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Alice Search Capability master secret Encrypted Data audit escrow agent

18 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Alice Search Capability master secret Encrypted Data Keywords Alice Ford Loans Document Embed decryption in search audit escrow agent

19 Identity Based Encryption (IBE) Public Key is simply a string e.g. Private Key given from master secret holder(s) Removes need for distribution of public key certificates We use scheme of Boneh and Franklin (2001)

20 Using IBE to Search on Asymmetrically Encrypted Data Keywords Alice Ford Loans Document Auditing Device

21 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document K

22 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document K FLAG | K “Alice”

23 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document K FLAG | K “Alice” FLAG | K “Ford”

24 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

25 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device FLAG used to test K to decrypt on match Keywords Alice Ford Loans Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

26 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device FLAG used to test K to decrypt on match Key-privacy property  keywords kept private Keywords Alice Ford Loans Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

27 Using IBE to Search on Asymmetrically Encrypted Data Auditing Device FLAG used to test K to decrypt on match Key-privacy property  keywords kept private “Pairing” operation per keyword Keywords Alice Ford Loans Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

28 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

29 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

30 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG … Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

31 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG … Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

32 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG FLAG | K Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans”

33 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG On match use K to decrypt document Documen t K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans” FLAG | K

34 Using IBE to Search on Asymmetrically Encrypted Data Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG On match use K to decrypt document Pairing per keyword in document Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans” Documen t FLAG | K

35 Scoping of Keywords We want to type keywords e.g. Capability to search on entries about “Alice” vs. those made by “Alice” Solution: Prefix keywords with type –“user:Alice” –“kw:Alice”

36 Performance Encryption –One pairing per keyword in document –One exponentiation per keyword Search/Decryption –One pairing per keyword per document

37 Optimizations Cache pairings of frequently used keywords –eg. ê(“user:Alice”,sP) –Only need a pairing per new keyword on encryption –In limit exponentiation per keyword is dominant cost

38 Optimizations Cache pairings of frequently used keywords –eg. ê(“user:Alice”,sP) –Only need a pairing per new keyword on encryption –In limit exponentiation per keyword is dominant cost Reuse randomness for IBE encryption within one document –Okay since cannot use same public key per document –In decryption only one pairing per document –Save storage in log

39 Indexing Incremental update of an index on untrusted storage is insecure

40 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Ford Loans DocumentIndex

41 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Ford Loans DocumentIndex

42 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Loans Washington DocumentIndex

43 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Loans Washington DocumentIndex

44 Indexing Build local index on auditing device and flush out to storage

45 Indexing Build local index on auditing device and flush out to storage Document K’ Document K’’ Document K FLAG | K | K’’ “Alice” FLAG | … “Sam”

46 Indexing Longer index is held in auditing device more information leaked on device compromise

47 Implementation Implemented a logging system for MySQL database queries Goal to protect individual’s privacy Used Stanford IBE library Pairing cost ~80ms on current machines

48 Related Work Searching on Encrypted Data Boneh, Crescenzo, Ostrovsky and Persiano (2003) Song, Wagner and Perrig (2000) Goh (2003) Identity Based Encryption Boneh and Franklin (2001)

49 Conclusion Tension between data access control and searchability in audit logs Asymmetric scheme for searching on encrypted data Explored optimizations for practical systems

50

51 Searching on Asymmetrically Encrypted Data Auditing Device Keywords Alice Ford Loans Document Keywords Alice Ford Loans Document Bob Search Capability audit escrow agent master secret Encrypted Data

52 Using IBE to Search on Asymmetrically Encrypted Data Keywords Alice Ford Loans Document Auditing Device Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans” FLAG used to test K to decrypt on match Key-privacy property  keywords kept private “Pairing” operation per keyword

53 Using IBE to Search on Asymmetrically Encrypted Data Document K FLAG | K “Alice” FLAG | K “Ford” FLAG | K “Loans” Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG On match use K to decrypt document Pairing per test


Download ppt "Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters."

Similar presentations


Ads by Google