On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems

  • Rafael Accorsi
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 201)


We investigate a mechanism for secure remote logging to improve privacy guarantees in dynamic systems. Using an extended threat model for privacy, we first describe outer and inner privacy: outer privacy denotes the traditional attacker model for privacy where identity management systems control the collection of personal, observable information; inner privacy denotes the threat posed by an attacker who attempts to get hold of private log data by tampering with a device. While privacy-enhancing technologies should take outer and inner privacy into account, there is, to our knowledge, no approach for inner privacy, in particular for dynamic systems. To this end, we develop protocols to address inner privacy based on secure logging. Our approach accounts for the capacity limitations of resource-poor devices in dynamic systems, as it allows for the remote storage of log data, while fulfilling its security guarantees. Furthermore, our approach can be smoothly integrated into identity management systems to combine outer and inner privacy.


Pervasive Computing Message Authentication Code Attack Model Acknowledgement Phase Cryptographic Technique 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    idemix., 2005.Google Scholar
  2. 2.
    iManager. http://www., 2005.Google Scholar
  3. 3.
    JAP anonymity and privacy., 2005.Google Scholar
  4. 4.
    R. Accorsi and A. Hohl. Delegating secure logging in pervasive computing systems. To appear in the 3rd Conf. Security in Pervasive Computing, 2006.Google Scholar
  5. 5.
    M. Bellare and B. Yee. Forward integrity for secure audit logs. Tech. report, Univ. of California at San Diego, Dept. of Computer Science & Engineering, 1997.Google Scholar
  6. 6.
    S. Creese, M. Goldsmith, R. Harrison, B. Roscoe, P. Whittaker, and I. Zakiuddin. Exploiting empirical engagement in authentication protocol design. In 2nd Conf. Security in Pervasive Computing, vol. 3450 of LNCS, pages 119–133, 2005.CrossRefGoogle Scholar
  7. 7.
    U. Flegel. Pseudonymizing unix log files. In Infrastructure Security Conference, vol. 2437 of LNCS, pages 162–179, 2002.Google Scholar
  8. 8.
    G. Forman and J. Zahorjan. The challenges of mobile computing. IEEE Computer, 27(4):38–47, 1994.Google Scholar
  9. 9.
    W. Gibbs. Autonomic computing. Scientific American, 2002.Google Scholar
  10. 10.
    M. Graff and K. van Wyk. Secure Coding: Principles & Practices. O’Reilly, 2003.Google Scholar
  11. 11.
    G. Itkis. Cryptographic tamper evidence. In Conf. on Computer and Communication Security, pages 355–364, 2003.Google Scholar
  12. 12.
    E. Kenneally. Evidence enhancing technology. ;login, 28(6):62–66, 2003.Google Scholar
  13. 13.
    M. Langheinrich. A privacy awareness system for ubiquitous computing environments. In 4th Conf. on UbiComp, vol. 2498 of LNCS, pages 237–245, 2002.zbMATHGoogle Scholar
  14. 14.
    G. Müller and S. Wohlgemuth. Study on mobile identity management. Deliverable for Fidis Project, Institute for Computer Science and Social Studies, 2005.Google Scholar
  15. 15.
    M. Satyanarayanan. Pervasive computing: Vision and challenges. IEEE Personal Communications, pages 10–17, 2001.Google Scholar
  16. 16.
    B. Schneier. Applied Ciyptography. John Wiley and Sons, Inc, 1996.Google Scholar
  17. 17.
    B. Schneier and J. Kelsey. Security audit logs to support computer forensics. ACM Transactions on Information and System Security, 2(2): 159–176, May 1999.CrossRefGoogle Scholar

Copyright information

© International Federation for Information Processing 2006

Authors and Affiliations

  • Rafael Accorsi
    • 1
  1. 1.Department of TelematicsAlbert-Ludwigs-Universität FreiburgGermany

Personalised recommendations