Log Protection Technology Based On TCM

With the development of network information technology and the increasing of the informational amount, the degree of attention on information system security requirements is getting higher and higher in corporations, individuals and government all over the world. Due to the facts that the log data is the most obvious reflection of the states on systems, network access and so on, it’s a significant data source for system auditing. We must guarantee the credibility of log data so that we could obtain the true system state and behaviors through the log data auditing. However, with the shortage of existing technology on log protection, the log data could be destroyed by internal and external attacks. And most of the existing log protective strategies are focused on the log’s credibility on usage phase, backup, access control and so on. With the inherent flaws of those strategies, they couldn’t guarantee the log’s credibility on its generation phase. The protection of the generation of log data is the very first stage of the log data’s credibility protection. The security objectives of all subsequent would be impossible to ensure what if the credibility of log data’s generation cannot be guaranteed.This article proposed and implemented a log protection system based on TCM. This system designs log data protection protocols for the purposes that is to protected the integrity of log data during its generation, transmission and storage stage. In log data generation stage, the system ensures the generation of the trusted log through the integrity protection algorithm, and at the same time it designs the interceptor mechanism in order to intercept users’illegal log data operations. In secure transmission phase, the system puts forward a safe transport protocol based on TCM, which can be used to ensure the credibility in data transmission process. In storage stage, the system provides an integrity detection model by using Hash tree, which is based on time stamp, to realize the data integrity detection so that it could ensure the reliable of the data storage process. This paper also provides the security and performance analysis for this system and the experiments to test the proposed scheme, which can be used to prove that this system could be able to protect the log data and ensure its credibility during the generation, transmission and storage stage. The research work of this paper provides an effective solution for the log data protection, and has a good practical value.