Notice of Violation of IEEE Publication PrinciplesSecure audit logs with forward integrity message authentication codes

Notice of Violation of IEEE Publication Principles

"Secure Audit Logs with Forward Integrity Message Authentication Codes"
by Tao Jiang, Ji-qiang Liu, Zhen Han
in the Proceedings of the International Conference on Signal Processing, September 2004, pp. 2655-2658

After careful and considered review of the content and authorship of this paper by a duly constituted expert committee, this paper has been found to be in violation of IEEE\´s Publication Principles.

This paper contains portions of original text from the paper cited below. The original text was copied with insufficient attribution (including appropriate references to the original author(s) and/or paper title) and without permission.

"Forward Integrity for Secure Audit Logs"
by Mihir Bellare and Bennet S. Yee
in Technical Report CS98-580, Department of Computer Science and Engineering, University of California at San Diego, November 1997

"Cryptographic Support for Secure Logs on Untrusted Machines"
by Bruce Schneier, John Kelsey
in The Seventh USENIX Security Symposium Proceedings, USENIX Press, January 1998, pp. 53-62

In this paper, we propose a forward integrity message authentication codes (MACs) method making all log entries generated prior to the logging machine\´s compromise impossible for the attacker to modify or destroy undetectably. As a good solution to keep the log data from being tempered with, the method is used in a system called secure log server in which we collect the log information for further system monitoring and auditing in our own way. A prototype was developed and the impact of its deployment in a real environment was measured.