Delegating Secure Logging in Pervasive Computing Systems

  • Rafael Accorsi
  • Adolf Hohl
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3934)


Logging is a central service in computing systems. It lays the foundation for accountability and audit services, as well as for other accessory services. While providing logging services in traditional computing systems is a relatively smooth process, it becomes an intricate task in pervasive computing systems. In this context, we present two contributions addressing this problem. First, we develop an approach to securely log information in marginally trusted collectors. Second, we investigate the question of how to securely delegate our logging protocol to a relay equipped with trusted-computing modules.


Pervasive Computing; Message Authentication Code; Trusted Platform Module; Cryptographic Operation; Security Guarantee
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Rafael Accorsi (1)
  • Adolf Hohl (1)
  1. Department of Telematics, Albert-Ludwigs-Universität, Freiburg, Germany
