CCC.ObjStor.C06: Access Logs are Stored in a Separate Data Store
Control ID:CCC.ObjStor.C06
Title:Access Logs are Stored in a Separate Data Store
Objective:Ensure that access logs for object storage buckets are stored in a
separate data store to protect against unauthorized access, tampering,
or deletion of logs (Logbuckets are exempt from this requirement,
but must be tlp-red).
Control Family:
Data
Related Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH07 | Logs are Tampered With or Deleted | Tampering or deletion of service logs will reduce the system's ability to maintain an accurate record of events. Any actions that compromise the integrity of logs could disrupt system availability by disrupting monitoring, hindering forensic investigations, and reducing the accuracy of audit trails. | 1 | 1 | 0 |
| CCC.Core.TH09 | Runtime Logs are Read by Unauthorized Entities | Unauthorized access to logs may expose valuable information about the system's configuration, operations, and security mechanisms. This could jeopardize system availability through the exposure of vulnerabilities and support the planning of attacks on the service, system, or network. If logs are not adequately sanitized, this may also directly impact the confidentiality of sensitive data. | 1 | 1 | 0 |
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.F03 | Access Log Publication | The service automatically publishes structured, verbose records of activities performed within the scope of the service by external actors. |
| CCC.Core.F10 | Log Publication | The service automatically publishes structured, verbose records of activities, operations, or events that occur within the service. |