摘要： 现有的日志文件保护技术大多集中于保护日志文件不被外来攻击者攻击，而无法抵御恶意的合法用户的攻击。为此，在分析日志技术安全需求的基础上，提出一种在不可信环境下的客户端日志保护机制，基于USB Key对日志文件进行加密和签名处理。给出日志文件的生成、存储及上传过程。安全性与性能分析结果证明了该机制的有效性。

关键词: 日志安全, 电子钥匙, 客户端, 不可信环境

Abstract: The existing technologies of logging file protection are mainly focusing on protecting logging files from attack outside, but the logging files are exposed in a hostile environment and malicious users who is legitimate may tamper or delete the logging files. This paper proposes a client logging protection mechanism in hostile environment. It encrypts and signs the logging file based on USB Key. It protects the logging files’ generation, storing and uploading. Security and performance analysis proves the validity and security of this mechanism.

Key words: logging security, USB Key, client, hostile environment

中图分类号: 

• TP309