EmLog : Tamper-Resistant System Logging for Constrained Devices with TEEs. / Shepherd, Carlton; Akram, Raja Naeem; Markantonakis, Konstantinos.

11th IFIP International Conference on Information Security Theory and Practice (WISTP'17). Springer, 2018. p. 75-92 (Lecture Notes in Computer Science; Vol. 10741).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

E-pub ahead of print

Standard

EmLog : Tamper-Resistant System Logging for Constrained Devices with TEEs. / Shepherd, Carlton; Akram, Raja Naeem; Markantonakis, Konstantinos.

11th IFIP International Conference on Information Security Theory and Practice (WISTP'17). Springer, 2018. p. 75-92 (Lecture Notes in Computer Science; Vol. 10741).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Shepherd, C, Akram, RN & Markantonakis, K 2018, EmLog: Tamper-Resistant System Logging for Constrained Devices with TEEs. in 11th IFIP International Conference on Information Security Theory and Practice (WISTP'17). Lecture Notes in Computer Science, vol. 10741, Springer, pp. 75-92. https://doi.org/10.1007/978-3-319-93524-9_5

APA

Shepherd, C., Akram, R. N., & Markantonakis, K. (2018). EmLog: Tamper-Resistant System Logging for Constrained Devices with TEEs. In 11th IFIP International Conference on Information Security Theory and Practice (WISTP'17) (pp. 75-92). (Lecture Notes in Computer Science; Vol. 10741). Springer. https://doi.org/10.1007/978-3-319-93524-9_5

Vancouver

Shepherd C, Akram RN, Markantonakis K. EmLog: Tamper-Resistant System Logging for Constrained Devices with TEEs. In 11th IFIP International Conference on Information Security Theory and Practice (WISTP'17). Springer. 2018. p. 75-92. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-319-93524-9_5

Author

Shepherd, Carlton ; Akram, Raja Naeem ; Markantonakis, Konstantinos. / EmLog : Tamper-Resistant System Logging for Constrained Devices with TEEs. 11th IFIP International Conference on Information Security Theory and Practice (WISTP'17). Springer, 2018. pp. 75-92 (Lecture Notes in Computer Science).

BibTeX

@inproceedings{7e78d52f38eb47f49eaf32fd62cb6c5f,
title = "EmLog: Tamper-Resistant System Logging for Constrained Devices with TEEs",
abstract = "Remote mobile and embedded devices are used to deliver increasingly impactful services, such as medical rehabilitation and assistive technologies. Secure system logging is beneficial in these scenarios to aid audit and forensic investigations particularly if devices bring harm to end-users. Logs should be tamper-resistant in storage, during execution, and when retrieved by a trusted remote verifier. In recent years, Trusted Execution Environments (TEEs) have emerged as the go-to root of trust on constrained devices for isolated execution of sensitive applications. Existing TEE-based logging systems, however, focus largely on protecting server-side logs and offer little protection to constrained source devices. In this paper, we introduce EmLog – a tamper-resistant logging system for constrained devices using the GlobalPlatform TEE. EmLog provides protection against complex software adversaries and offers several additional security properties over past schemes. The system is evaluated across three log datasets using an off-the-shelf ARM development board running an open-source, GlobalPlatform-compliant TEE. On average, EmLog runs with low run-time memory overhead (1MB heap and stack), 430–625 logs/second throughput, and five-times persistent storage overhead versus unprotected logs.",
author = "Carlton Shepherd and Akram, {Raja Naeem} and Konstantinos Markantonakis",
year = "2018",
month = jun,
day = "21",
doi = "10.1007/978-3-319-93524-9_5",
language = "English",
isbn = "978-3-319-93523-2",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "75--92",
booktitle = "11th IFIP International Conference on Information Security Theory and Practice (WISTP'17)",

}

RIS

TY - GEN

T1 - EmLog

T2 - Tamper-Resistant System Logging for Constrained Devices with TEEs

AU - Shepherd, Carlton

AU - Akram, Raja Naeem

AU - Markantonakis, Konstantinos

PY - 2018/6/21

Y1 - 2018/6/21

N2 - Remote mobile and embedded devices are used to deliver increasingly impactful services, such as medical rehabilitation and assistive technologies. Secure system logging is beneficial in these scenarios to aid audit and forensic investigations particularly if devices bring harm to end-users. Logs should be tamper-resistant in storage, during execution, and when retrieved by a trusted remote verifier. In recent years, Trusted Execution Environments (TEEs) have emerged as the go-to root of trust on constrained devices for isolated execution of sensitive applications. Existing TEE-based logging systems, however, focus largely on protecting server-side logs and offer little protection to constrained source devices. In this paper, we introduce EmLog – a tamper-resistant logging system for constrained devices using the GlobalPlatform TEE. EmLog provides protection against complex software adversaries and offers several additional security properties over past schemes. The system is evaluated across three log datasets using an off-the-shelf ARM development board running an open-source, GlobalPlatform-compliant TEE. On average, EmLog runs with low run-time memory overhead (1MB heap and stack), 430–625 logs/second throughput, and five-times persistent storage overhead versus unprotected logs.

AB - Remote mobile and embedded devices are used to deliver increasingly impactful services, such as medical rehabilitation and assistive technologies. Secure system logging is beneficial in these scenarios to aid audit and forensic investigations particularly if devices bring harm to end-users. Logs should be tamper-resistant in storage, during execution, and when retrieved by a trusted remote verifier. In recent years, Trusted Execution Environments (TEEs) have emerged as the go-to root of trust on constrained devices for isolated execution of sensitive applications. Existing TEE-based logging systems, however, focus largely on protecting server-side logs and offer little protection to constrained source devices. In this paper, we introduce EmLog – a tamper-resistant logging system for constrained devices using the GlobalPlatform TEE. EmLog provides protection against complex software adversaries and offers several additional security properties over past schemes. The system is evaluated across three log datasets using an off-the-shelf ARM development board running an open-source, GlobalPlatform-compliant TEE. On average, EmLog runs with low run-time memory overhead (1MB heap and stack), 430–625 logs/second throughput, and five-times persistent storage overhead versus unprotected logs.

U2 - 10.1007/978-3-319-93524-9_5

DO - 10.1007/978-3-319-93524-9_5

M3 - Conference contribution

SN - 978-3-319-93523-2

T3 - Lecture Notes in Computer Science

SP - 75

EP - 92

BT - 11th IFIP International Conference on Information Security Theory and Practice (WISTP'17)

PB - Springer

ER -