Optimal Evidence Collection for Accountability in the Cloud

In multi-tenant cloud services, accountability can be used to strengthen the trust of tenants in the cloud. It provides the reassurance that the processing of personal data hosted in the cloud is done according to tenants' requirements (a.k.a. accountability obligations). Ensuring accountability requires multiple measures ranging from preventive controls to violation detection and analysis, based on evidences so as to prove that a violation has occurred or to ensure violation judgment. In a complex cloud environment with multi-tenant services, judging violations encounters difficulties due to the plethora of evidences to be analyzed, which may burden the post-violation analysis in terms of latency and workloads. In this work, we offer a method ensuring the collection of the necessary and minimal (optimal) evidences and avoiding re-evaluating all of them for each violated obligation. Basically, we use a linear program -with an objective function under a set of constraints-and we perform actions in order to obtain optimal evidences elements for the judgment. Finally, our approach is implemented and the results of our experiments highlight its feasibility.

[1]  Siani Pearson,et al.  A Metamodel for Measuring Accountability Attributes in the Cloud , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.

[2]  John Zic,et al.  Accountability as a Service for the Cloud: From Concept to Implementation with BPEL , 2010, 2010 6th World Congress on Services.

[3]  Tobias Pulls,et al.  Security and Privacy Preservation of Evidence in Cloud Accountability Audits , 2015, CLOSER.

[4]  Chunming Rong,et al.  Evidence for Accountable Cloud Computing Services , 2013 .

[5]  Răzvan Viorescu 2018 REFORM OF EU DATA PROTECTION RULES , 2017 .

[6]  Mohamed Sellami,et al.  From Event to Evidence: An Approach for Multi-tenant Cloud Services’ Accountability , 2017, 2017 IEEE 31st International Conference on Advanced Information Networking and Applications (AINA).

[7]  Mohamed Sellami,et al.  Analyzing Multi-tenant Cloud Services' Accountability , 2015, 2015 IEEE 12th International Conference on e-Business Engineering.

[8]  Walid Benghabrit,et al.  Accountability for Abstract Component Design , 2014, 2014 40th EUROMICRO Conference on Software Engineering and Advanced Applications.

[9]  Zhen Yang,et al.  Ensuring reliable logging for data accountability in untrusted cloud storage , 2017, 2017 IEEE International Conference on Communications (ICC).

[10]  Karin Bernsmed,et al.  A Cloud Accountability Policy Representation Framework , 2014, CLOSER.

[11]  Zhenyu Wen,et al.  Assuring Dependable Cloud-Based System Engineering: A Cloud Accountability Method , 2016, 2016 12th European Dependable Computing Conference (EDCC).

[12]  Ahmed Hadj Kacem,et al.  Multi-tenant Services Monitoring for Accountability in Cloud Computing , 2014, 2014 IEEE 6th International Conference on Cloud Computing Technology and Science.

[13]  Herbert Burkert,et al.  Some Preliminary Comments on the DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. , 1996 .

[14]  John Zic,et al.  Accountability services for verifying compliance in the cloud , 2012, Int. J. Cloud Comput..