
A SECURED EVENT LOG STORAGE MANAGEMENT SYSTEM IN CLOUD COMPUTING

D. Esther Grace Vinitha
Dept of Computer Science & Engineering
Jerusalem College of Engineering
Chennai, India
esthervinitha@gmail.com

J. Shiny Duela
Dept of Computer Science & Engineering
Jerusalem College of Engineering
Chennai, India
shiny.duela@gmail.com



Abstract: Cloud computing offers an economical way to store and
maintain large volumes of event log data. Storing and maintaining log
records in the cloud is nevertheless a sensitive task: the records
leave the organization's control, so moving them to the cloud raises
new challenges for the user, and security and privacy of the stored
logs become central concerns. The proposed system addresses these
challenges with an Efficient Privacy Protection Scheme (EPPS) for log
data stored in the cloud, which also satisfies the privacy requirements
stated by the user.

Keywords: Cloud computing; Identity privacy; Data storage; Logging; Security

I. INTRODUCTION
A log is a record of the events occurring within a system or
network. Logs are composed of log entries; each entry contains
information related to a specific event that has occurred in the
system or network. Logs are used for troubleshooting problems,
optimizing system and network performance, recording the actions of
users, and providing data useful for identifying malicious activity.
A log record contains information associated with the various kinds
of events occurring in the systems [2]. Cloud computing, or the cloud,
is a colloquial expression used to describe a variety of computing
concepts that involve a large number of computers connected through a
real-time communication network. Organizations use the cloud through
different service models and deployment models.
The security issues associated with cloud computing fall into two
broad categories: security issues faced by cloud providers and
security issues faced by their customers. In most cases the provider
must ensure that its infrastructure is secure and that its clients'
information and applications are protected, while the client must
verify that the provider has taken the correct security measures to
protect the client's information. The fundamental aspect of cloud
computing is that information is centralized or outsourced into the
cloud. Cloud storage vendors use massive data centers to store vast
amounts of data, not only terabytes but in some cases petabytes.

While cloud computing makes these benefits more appealing than
ever, it also brings new and difficult security threats to the
outsourced information, so the correctness of the information held in
the cloud is put at risk; such threats on the cloud side occur from
time to time. Since the cloud service provider (CSP) is not fully
trusted by its users, the basic protection is to encrypt the data
before uploading it to the cloud. In this paper we propose a solution
for storing and maintaining log records in a cloud-based environment.
We also address the security and integrity issues that arise at the
different stages of developing a cryptographic protocol for storing,
maintaining and querying log records, covering both data integrity and
confidentiality. To provide data security while maintaining the
records in the cloud, an Efficient Privacy Protection Scheme (EPPS) is
proposed that satisfies the user-demanded privacy requirements. We
provide a complete solution to the cloud-based secure log management
problem.
The rest of the paper is organized as follows: Section II identifies
the general requirements on cloud security. Section III reviews related
work. Section IV states the problem. Section V describes the approaches
used in existing work. Section VI presents the proposed system. Section
VII describes the implementation and results, and Section VIII
concludes.
II. GENERAL REQUIREMENTS ON CLOUD SECURITY
Security is generally related to the important aspects of
confidentiality, integrity, availability and privacy.
A. Confidentiality
Confidentiality means that only authorized users, those who have the
permission and the ability to access protected data, can read it; it
also ensures that user data residing in the cloud cannot be accessed
by an unauthorized party. In the cloud, confidentiality plays a major
part especially in maintaining control over an organization's data
spread across multiple distributed databases [6]. Confidentiality is
achieved with a proper encryption technique.
B. Integrity
Integrity is a key aspect of information security. It refers to
protecting data from unauthorized deletion, modification or
fabrication. By default there is no guarantee that data has not been
altered while it resides in the cloud: the cloud service provider has
to be trusted to maintain data integrity and accuracy. An integrity
solution refers to the ability of the cloud provider to ensure the
reliable and correct operation of the cloud in support of its legal
obligations. Disaster recovery plays a vital role in data integrity:
even if the user does not know where the data is, a cloud provider
should state what will happen to it in the event of a disaster.
C. Availability
Availability is one of the most important information security
requirements in cloud computing. It is the property of a system being
accessible and usable on demand by an authorized entity. The goal of
availability is to ensure that users can use the system and their data
whenever needed [8].
D. Privacy
Privacy is the control of the disclosure of personal information
against attackers. Privacy is a core issue in all the challenges of
protecting data, including the need to protect the identity
information of the user. Privacy mechanisms must be embedded in all
security solutions [2][8]; no unauthorized person should be able to
access the data in the cloud environment.
III. RELATED WORK
A. Anonymous Upload Tag Generation
Anonymous upload tag generation is used when uploading a batch of
log records that needs to be indexed by a unique key value [1]. It
must be ensured that this key value cannot be traced back either to
the logging client that uploaded the data or to the log monitor that
later seeks it. The upload tag is generated using a hashed
Diffie-Hellman key exchange. The uploaded structure consists of the
upload tag field, a timestamp, a delete tag, the data encrypted with
the secret key, and a hash over the entire message.


Algorithm 1: Diffie-Hellman key exchange

GLOBAL PUBLIC ELEMENTS
  Select a prime number $q$
  Select a primitive root $a$ of $q$, with $a < q$
KEY GENERATION BY USER A
  Select a random private key $X_A$, where $X_A < q$
  Compute the public key $Y_A = a^{X_A} \bmod q$
KEY GENERATION BY USER B
  Select a random private key $X_B$, where $X_B < q$
  Compute the public key $Y_B = a^{X_B} \bmod q$
Exchange the public keys $Y_A$ and $Y_B$ between A and B.
SYMMETRIC KEY (K) GENERATION BY USER A
  $K = (Y_B)^{X_A} \bmod q$
SYMMETRIC KEY (K) GENERATION BY USER B
  $K = (Y_A)^{X_B} \bmod q$


B. Anonymous Retrieval
Anonymous retrieval is used to retrieve log information from the
cloud. The cloud simply fetches the information from its storage and
sends it to the requester. The cloud provider need not authenticate
the requester, since all log batches are encrypted and the retrieved
data is useful only to those who hold the valid decryption keys.
C. Anonymous Deletion
Anonymous deletion removes log data: to delete a record the
requester sends an appropriate delete message to the logging cloud.
In response, the logging cloud checks whether the requester is
authorized and then deletes the record. The delete tag is created
uniquely as $\mathrm{DeleteTag} = H^n(\mathrm{rand}_k())$, that is, a
random value hashed $n$ times.
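The exchange of Algorithm 1, the upload tag derived from it (Section III.A) and the hash-chain delete tag (Section III.C), as an added worked example. This is example code written for this page, not the authors' implementation or the protocol of [1]. The group $(q, a) = (23, 5)$ is a toy for demonstration (a deployment would use a standard group such as RFC 3526 group 14 with $g = 2$), the "upload-tag" and "mac" labels, the use of SHA-256, and the HMAC over the record are my choices, and the deletion check (reveal the seed of the chain) is my reading of the $H^n$ definition.

```python
# Added example, not the paper's code. Python 3 standard library only.
import hashlib
import hmac
import secrets
import time


def find_primitive_root(q):
    """Smallest a < q whose powers generate all of 1..q-1 (brute force, toy primes only)."""
    for a in range(2, q):
        if len({pow(a, k, q) for k in range(1, q)}) == q - 1:
            return a
    raise ValueError("no primitive root found; is q prime?")


def dh_keypair(q, a, x=None):
    """Private key X < q (random unless supplied) and public key Y = a^X mod q."""
    x = secrets.randbelow(q - 2) + 1 if x is None else x
    return x, pow(a, x, q)


def dh_shared(q, peer_public, x):
    """K = Y_peer^X mod q, after rejecting the degenerate values 0, 1 and q-1."""
    if not 1 < peer_public < q - 1:
        raise ValueError("invalid peer public key")
    return pow(peer_public, x, q)


def upload_tag(shared, batch_id):
    """Index key for a batch: a hash of the DH secret and batch number (hashed DH).
    The cloud sees only this value, which names neither client nor monitor."""
    msg = b"upload-tag|" + str(shared).encode() + b"|" + str(batch_id).encode()
    return hashlib.sha256(msg).hexdigest()


def hash_chain(seed, n):
    """H^n(seed): SHA-256 applied n times."""
    h = seed
    for _ in range(n):
        h = hashlib.sha256(h).digest()
    return h


def canonical(rec):
    """Fixed serialization of every field except the MAC itself."""
    return "|".join(f"{k}={rec[k]}" for k in sorted(rec) if k != "mac").encode()


def mac_key(shared):
    return hashlib.sha256(b"mac|" + str(shared).encode()).digest()


def make_record(shared, batch_id, ciphertext, n=1000, now=None):
    """Build the upload record with the fields listed in the paper.
    `ciphertext` is the batch already encrypted under the shared key (not shown here).
    A keyed MAC is used instead of a plain hash: a plain hash over the message can be
    recomputed by whoever modifies it in transit. The client keeps `seed` for deletion."""
    seed = secrets.token_bytes(16)
    rec = {"upload_tag": upload_tag(shared, batch_id),
           "timestamp": int(time.time()) if now is None else now,
           "delete_tag": hash_chain(seed, n).hex(), "chain_len": n,
           "ciphertext": ciphertext.hex()}
    rec["mac"] = hmac.new(mac_key(shared), canonical(rec), hashlib.sha256).hexdigest()
    return rec, seed


def verify_record(shared, rec):
    """Log monitor side: detect any modification of the stored record."""
    expected = hmac.new(mac_key(shared), canonical(rec), hashlib.sha256).hexdigest()
    return hmac.compare_digest(rec["mac"], expected)


def authorize_delete(rec, seed):
    """Cloud side: the requester proves ownership by revealing the chain seed."""
    return hmac.compare_digest(hash_chain(seed, rec["chain_len"]).hex(), rec["delete_tag"])


if __name__ == "__main__":
    q, a = 23, find_primitive_root(23)
    xa, ya = dh_keypair(q, a)       # logging client
    xb, yb = dh_keypair(q, a)       # log monitor
    k = dh_shared(q, yb, xa)
    assert k == dh_shared(q, ya, xb)
    rec, seed = make_record(k, 1, b"\x00" * 16)   # constructed placeholder ciphertext
    print(rec["upload_tag"], verify_record(k, rec), authorize_delete(rec, seed))
```

The record travels without the seed; only the party that produced it can later present a preimage chain that hashes to the stored delete tag, which is what makes the deletion authorized yet anonymous.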
IV. PROBLEM STATEMENT
Even though an organization monitors the cloud using security tools
such as intrusion detection systems and firewalls, an attacker can read
or change messages while they are being sent to the cloud, so the
confidentiality and integrity of the data is lost.
The attacker may also try to correlate log messages with a specific
logging client, log monitor or log generator, causing privacy breaches.
The attacker can also attack the communication medium and modify data
in transit, destroying its integrity. To protect the data from such an
attacker, a proactive secret sharing scheme has been used [4].
V. APPROACHES USED IN THE EXISTING WORK
Many approaches have been proposed for logging information in
computing systems.
1) Syslog-pseudo: This approach proposes a logging architecture to
pseudonymize log files. Its main problem is that while it anonymizes
each log record individually, it does not protect the log records
themselves from attack.
2) Reliable-syslog: This approach allows device authentication and
incorporates mechanisms to protect the integrity of log messages and
to protect against replay of log data.
3) Forward-integrity: This approach protects the log data while
insertion, deletion and modification take place. Forward integrity
uses randomly generated secret keys for data confidentiality and
integrity [7].
The above approaches and protocols ensure data confidentiality,
security, tamper resistance and correctness. What they fail to do is
to provide privacy for the data stored in, or about to be stored in,
the cloud environment.
VI. PROPOSED SYSTEM
The proposed work provides privacy protection for the encrypted log
data stored in the cloud, in accordance with the user's requirements,
using the Efficient Privacy Protection Scheme (EPPS).
A. Privacy Requirements
There is no common data type for the data stored in the cloud
environment, since each data item has its own type. To protect data
confidentiality, a security composition is proposed that includes an
encryption algorithm [3]. If the encryption is weak, the user's
important data is insecure and can be revealed to attackers, so a
strong encryption algorithm is used for the data stored in the cloud
[5].
B. Architecture
Fig.1 shows the system architecture of how the privacy is
given to the data.


Fig. 1. System Architecture
The first half of the architecture determines the requirements for
the privacy settings and selects which encryption algorithm is to be
used. The second half determines the data protection flow, so that
the data is protected by the security composition.
The privacy analyzer collects all the user's requirements together
with the upload tag key for encryption. The data is encrypted with the
AES algorithm. The log files are collected and stored in batches to
simplify encryption; once the batch files are encrypted, they are sent
to the cloud for storage.
When the cloud receives encrypted data it checks authentication; if
the user is authenticated, the CSP allows the user to store the data
in cloud storage.
C. AES Algorithm
Like DES, AES is a symmetric block cipher, but it differs from DES in
a number of ways. AES operates on a fixed 128-bit block and supports
128-, 192- and 256-bit keys. It is used here for its security, low
cost and ease of implementation. In each round the entire data block
is processed in parallel using substitutions and permutations.



Fig. 2. Architecture of AES Algorithm
There are four stages in this encryption algorithm: SubBytes,
ShiftRows, MixColumns and AddRoundKey. SubBytes is a byte substitution
operation performed on each individual byte of the State: the byte is
replaced by its multiplicative inverse in GF(2^8) (with {00} mapped to
itself), followed by the affine transformation

$b'_i = b_i \oplus b_{(i+4) \bmod 8} \oplus b_{(i+5) \bmod 8} \oplus b_{(i+6) \bmod 8} \oplus b_{(i+7) \bmod 8} \oplus c_i$

where $b_i$ is the $i$-th bit of the byte and $c_i$ is the $i$-th bit of
a constant byte with the value {63}.
The ShiftRows transformation cyclically shifts the last three rows
of the State by different offsets. The first row is unchanged. Each
byte in the second row is shifted one position to the left, the third
row is shifted left by two positions and the fourth row is shifted
left by three positions.
MixColumns operates on the columns of the State, treating each
column as a four-term polynomial over the finite field GF(2^8). Each
column is multiplied modulo $x^4 + 1$ with the fixed polynomial
$a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\}$, which replaces the
four bytes of the processed column $c$ with the following values:

$s'_{0,c} = (\{02\} \bullet s_{0,c}) \oplus (\{03\} \bullet s_{1,c}) \oplus s_{2,c} \oplus s_{3,c}$
$s'_{1,c} = s_{0,c} \oplus (\{02\} \bullet s_{1,c}) \oplus (\{03\} \bullet s_{2,c}) \oplus s_{3,c}$
$s'_{2,c} = s_{0,c} \oplus s_{1,c} \oplus (\{02\} \bullet s_{2,c}) \oplus (\{03\} \bullet s_{3,c})$
$s'_{3,c} = (\{03\} \bullet s_{0,c}) \oplus s_{1,c} \oplus s_{2,c} \oplus (\{02\} \bullet s_{3,c})$
In AddRoundKey the round key is added to the State by a simple
exclusive-or (XOR). Each round key consists of $N_b$ words generated
by the KeyExpansion routine. The round key words are added to the
columns of the State as follows:

$[s'_{0,c}, s'_{1,c}, s'_{2,c}, s'_{3,c}] = [s_{0,c}, s_{1,c}, s_{2,c}, s_{3,c}] \oplus w[\mathit{round} \cdot N_b + c], \quad 0 \le c < N_b$

Algorithm 2: Pseudocode for the AES cipher

Cipher(byte PlainText[4*Nb], byte CipherText[4*Nb], word w[Nb*(Nr+1)])
begin
  byte state[4,Nb]
  state = PlainText
  AddRoundKey(state, w[0, Nb-1])
  for round = 1 step 1 to Nr-1
    SubBytes(state)
    ShiftRows(state)
    MixColumns(state)
    AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
  end for
  SubBytes(state)
  ShiftRows(state)
  AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
  CipherText = state
end


Algorithm 3: Pseudocode for key expansion

KeyExpansion(byte CipherKey[4*Nk], word w[Nb*(Nr+1)], Nk)
begin
  word temp
  i = 0
  while (i < Nk)
    w[i] = word(CipherKey[4*i], CipherKey[4*i+1], CipherKey[4*i+2], CipherKey[4*i+3])
    i = i + 1
  end while
  i = Nk
  while (i < Nb*(Nr+1))
    temp = w[i-1]
    if (i mod Nk = 0)
      temp = SubWord(RotWord(temp)) xor Rcon[i/Nk]
    else if (Nk > 6 and i mod Nk = 4)
      temp = SubWord(temp)
    end if
    w[i] = w[i-Nk] xor temp
    i = i + 1
  end while
end
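The four stages and Algorithms 2 and 3 carried through as runnable code, as an added example written for this page (the paper does not show its own implementation). The S-box is generated from the GF(2^8) inverse and the affine map with $c = \{63\}$ exactly as stated above rather than copied from a table, and the result is checked against the FIPS 197 Appendix C test vectors. The CTR wrapper for a whole log batch is my addition, since the paper names AES but no mode of operation; the sample batch text is constructed.

```python
# Added example, not the paper's code. Python 3, standard library only.


def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11b)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11b
        b >>= 1
    return p & 0xff


def gf_inv(a):
    """Multiplicative inverse in GF(2^8); FIPS 197 maps {00} to itself."""
    return next((x for x in range(1, 256) if gf_mul(a, x) == 1), 0)


def affine(b):
    """The SubBytes affine transformation b'_i = b_i ^ b_(i+4) ^ ... ^ b_(i+7) ^ c_i."""
    c, out = 0x63, 0
    for i in range(8):
        bit = ((b >> i) ^ (b >> (i + 4) % 8) ^ (b >> (i + 5) % 8)
               ^ (b >> (i + 6) % 8) ^ (b >> (i + 7) % 8) ^ (c >> i))
        out |= (bit & 1) << i
    return out


SBOX = [affine(gf_inv(x)) for x in range(256)]   # SBOX[0x00] == 0x63

# The State is kept as 16 bytes in column-major order: byte r + 4*c is row r, column c.


def sub_bytes(s):
    return [SBOX[b] for b in s]


def shift_rows(s):
    """Row r is rotated left by r positions."""
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]


def mix_columns(s):
    """Multiply each column by {03}x^3 + {01}x^2 + {01}x + {02} modulo x^4 + 1."""
    out = []
    for c in range(4):
        s0, s1, s2, s3 = s[4 * c:4 * c + 4]
        out += [gf_mul(s0, 2) ^ gf_mul(s1, 3) ^ s2 ^ s3,
                s0 ^ gf_mul(s1, 2) ^ gf_mul(s2, 3) ^ s3,
                s0 ^ s1 ^ gf_mul(s2, 2) ^ gf_mul(s3, 3),
                gf_mul(s0, 3) ^ s1 ^ s2 ^ gf_mul(s3, 2)]
    return out


def add_round_key(s, rk):
    return [a ^ b for a, b in zip(s, rk)]


def key_expansion(key):
    """Algorithm 3: expand a 16/24/32-byte key into Nb*(Nr+1) words; returns (w, Nr)."""
    nk = len(key) // 4
    nr = nk + 6
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 0x01
    for i in range(nk, 4 * (nr + 1)):
        temp = list(w[i - 1])
        if i % nk == 0:
            temp = [SBOX[b] for b in temp[1:] + temp[:1]]   # SubWord(RotWord(temp))
            temp[0] ^= rcon                                 # xor Rcon[i/Nk]
            rcon = gf_mul(rcon, 2)
        elif nk > 6 and i % nk == 4:
            temp = [SBOX[b] for b in temp]                  # SubWord(temp)
        w.append([x ^ y for x, y in zip(w[i - nk], temp)])
    return w, nr


def encrypt_block(block, key):
    """Algorithm 2: encrypt one 16-byte block."""
    w, nr = key_expansion(key)
    rk = lambda r: [b for word in w[4 * r:4 * r + 4] for b in word]
    state = add_round_key(list(block), rk(0))
    for r in range(1, nr):
        state = add_round_key(mix_columns(shift_rows(sub_bytes(state))), rk(r))
    state = add_round_key(shift_rows(sub_bytes(state)), rk(nr))   # no MixColumns in the last round
    return bytes(state)


def ctr_encrypt(key, iv, data):
    """AES-CTR over a log batch of any length; decryption is the same call.
    The 16-byte initial counter block must never repeat under one key."""
    ctr, out = int.from_bytes(iv, "big"), bytearray()
    for i in range(0, len(data), 16):
        block = ((ctr + i // 16) % (1 << 128)).to_bytes(16, "big")
        out += bytes(x ^ y for x, y in zip(data[i:i + 16], encrypt_block(block, key)))
    return bytes(out)


if __name__ == "__main__":
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(encrypt_block(pt, key).hex())   # FIPS 197 C.1: 69c4e0d86a7b0430d8cdb78070b4c55a
    batch = b"constructed log line 1\nconstructed log line 2\n"
    print(ctr_encrypt(key, bytes(16), batch).hex())
```

Note that CTR gives confidentiality only; the integrity the paper wants from "the entire message with hash function" needs a keyed MAC (or an AEAD mode such as AES-GCM) over the ciphertext, and the per-batch counter block must be unique, since a repeated counter under the same key leaks the XOR of two batches.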

VII. IMPLEMENTATION AND RESULT

The log files are generated and stored in the database in batches,
from which all the batched log data is collected for encryption.

Fig. 3. Storage of data in database
Fig. 3 shows how the log data is generated and stored in
the database in batches.
Once batching is done, each batch file is encrypted using the AES
algorithm. The encrypted log files are stored separately in another
database, from which they are sent to the cloud for secure storage.

Fig. 4. Encrypted data in database
Fig. 4 shows how the batched files are encrypted and stored in the
database along with the upload tag, the secret key and the ciphered
data.
VIII. CONCLUSION
Our proposed system uses a twofold encryption process to increase
the security level of the stored data while hiding the identity of the
user. A hash function is maintained so that any change to the stored
information can be detected. Maintaining logs securely over long
periods of time remains difficult and expensive in terms of the
resources needed. We have presented a proposal for a complete system
that securely outsources log records to a cloud, together with a
review of secure cloud storage offered within the IaaS layer of cloud
computing, using the Advanced Encryption Standard (AES) to encrypt the
log files before they are stored in the cloud. The proposed scheme
satisfies user-demanded privacy requirements and offers better privacy
at the same time.

REFERENCES

[1] I. Ray, M. Strizhov and D. Mulamba, "Secure Logging as a Service:
Delegating Log Management to the Cloud," IEEE Systems Journal, vol. 7,
no. 2, June 2013.
[2] K. Kent and M. Souppaya, "Guide to Computer Security Log
Management," NIST Special Publication 800-92, 2006. [Online]. Available:
http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf
[3] W. Itani, A. Kayssi and A. Chehab, "Privacy as a Service: Privacy-
Aware Data Storage and Processing in Cloud Computing Architectures," in
Proc. 8th IEEE Int. Conf. Dependable, Autonomic and Secure Computing
(DASC '09), 2009, pp. 711-716.
[4] A. Herzberg, S. Jarecki, H. Krawczyk and M. Yung, "Proactive
secret sharing or: How to cope with perpetual leakage," in Proc. 15th
Ann. Int. Cryptology Conf. (CRYPTO '95), Aug. 1995, pp. 339-352.
[5] Cloud Security Alliance (CSA), 2010. [Online]. Available:
http://www.cloudsecurityalliance.org/
[6] M. Jensen, J. Schwenk, N. Gruschka and L. L. Iacono, "On Technical
Security Issues in Cloud Computing," in Proc. IEEE Int. Conf. Cloud
Computing (CLOUD '09), 2009, pp. 109-116.
[7] J. E. Holt, "Logcrypt: Forward security and public verification
for secure audit logs," in Proc. 4th Australasian Information Security
Workshop, 2006, pp. 203-211.
[8] K. Ren, C. Wang and Q. Wang, "Security Challenges for the Public
Cloud," IEEE Internet Computing, vol. 16, no. 1, pp. 69-73, 2012.
