Sys-log database manipulation security protocol

摘要

Sys-log message is the importance data which could present information about internet source-destination connection of all IP address nodes in each network server. These sys-log messages must be securely kept in database in case of being referenced, such as legal requesting. The objective of this research was to develop a security protocol of system log message database manipulation. Message was split to two non oblivious halves then sent them to be appended in two difference databases. These databases were managed by two database administrators (DBA#1, DBA#2). They could not knew the meaning of received message and both messages were meaningless when normally put two of them together. This protocol was developed by two security protocol; Message splitting and Blind signature protocol. Security techniques such as RSA, Keyed hashing function-MAC were used as basic processing in protocol scenario. Nevertheless, each DBA could verify authentication of the sender (system administrator) by sender's digital signature and integrity of log message by keyed hashing function. This designed protocol can help network system administrator and DBA easily manipulate sys-log database and also increase securely ensure manipulation of sys-log database.