| As an important information security technique, security audit has been extensively applied, but because of the sensitivity of its audit data, it can be attacked and destroyed easily. SYSLOG protocol is a commonly used international audit log criterion, and a lot of audit systems and network products support SYSLOG, such as Cisco router. How ever, because there are some deficiencies in security design of SYSLOG, it can not assure security of audit information, so it is necessary and urgent to strengthen the security of SYSLOG protocol. This paper aims at the status that SYSLOG audit systems have deficiency in the aspect of communication security, chooses proper security mechanism to perfect and increase the security of audit log data communication based on the SYSLOG audit system.This paper researches on the transition security mechanism based on SYSLOG log data and analyzes BEEP (Block Extensible Exchange Protocol) , it propose a SYSLOG log data transition security mechanism based on BEEP, the main works are as follows:(1) Deeply analyzes the present SYSLOG protocol system, and especially the deficiency in transition security design.(2) Via the analysis of BEEP, Proposes and designs a security communication framework for SYSLOG data based on BEEP.(3) Present a classified audit data transition policy based on BEEP multi-channels.Based on the designed framework, the paper proposes a security transition mechanism of classifying grades and strength for SYSLOG data via the multi-channels of BEEP.(4) Design and implements a prototype system of the proposed framework for SYSLOG data based on BEEP with the RSYSLOG log audit system in Linux.. |
PDF Full Text Request