* [RFC] Tamper Evident Logging on Linux Audit
@ 2020-08-27 16:25 Paccagnella, Riccardo
2020-08-29 15:42 ` Paul Moore
0 siblings, 1 reply; 2+ messages in thread
From: Paccagnella, Riccardo @ 2020-08-27 16:25 UTC (permalink / raw)
To: linux-audit; +Cc: rgb, Dave (Jing) Tian, Liao, Kevin, Bates, Adam
[-- Attachment #1.1: Type: text/plain, Size: 766 bytes --]
Dear Linux Audit Team,
My team and I would like to share with you some recent research results that we hope will be interesting to you. In a nutshell, we designed a kernel-based tamper-evident logging system and implemented a proof of concept of it on top of Linux Audit. Would you be interested in the possibility of incorporating our system in the upstream version of Linux Audit? We envision a small extension to Linux Audit that would allow users to enable integrity protection for the logs if desired. For reference, this<https://rp8.web.engr.illinois.edu/papers/kennyloggings-ccs2020.pdf> is our paper and this<https://bitbucket.org/sts-lab/kennyloggings/> is our proof-of-concept implementation.
Thanks very much in advance and best regards,
Riccardo
[-- Attachment #1.2: Type: text/html, Size: 1134 bytes --]
[-- Attachment #2: Type: text/plain, Size: 102 bytes --]
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [RFC] Tamper Evident Logging on Linux Audit
2020-08-27 16:25 [RFC] Tamper Evident Logging on Linux Audit Paccagnella, Riccardo
@ 2020-08-29 15:42 ` Paul Moore
0 siblings, 0 replies; 2+ messages in thread
From: Paul Moore @ 2020-08-29 15:42 UTC (permalink / raw)
To: Paccagnella, Riccardo
Cc: rgb, Dave (Jing) Tian, Liao, Kevin, linux-audit, Bates, Adam
On Thu, Aug 27, 2020 at 12:25 PM Paccagnella, Riccardo <rp8@illinois.edu> wrote:
>
> Dear Linux Audit Team,
> My team and I would like to share with you some recent research results that we hope will be interesting to you. In a nutshell, we designed a kernel-based tamper-evident logging system and implemented a proof of concept of it on top of Linux Audit. Would you be interested in the possibility of incorporating our system in the upstream version of Linux Audit? We envision a small extension to Linux Audit that would allow users to enable integrity protection for the logs if desired. For reference, this is our paper and this is our proof-of-concept implementation.
>
> Thanks very much in advance and best regards,
> Riccardo
Hi Riccardo,
Often it helps to discuss new features in the context of a patch
submission; it helps remove ambiguity and is an easy way to offer
feedback. It would appear that you already have patches so I would
suggest you prepare those for posting on-list, complete with an
in-depth commit description, so we can discuss further.
If you are unfamiliar with submitting Linux kernel patches, the link
below may be helpful:
* https://www.kernel.org/doc/html/latest/process/submitting-patches.html
--
paul moore
www.paul-moore.com
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-08-29 15:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-27 16:25 [RFC] Tamper Evident Logging on Linux Audit Paccagnella, Riccardo
2020-08-29 15:42 ` Paul Moore
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.