Agent-Based Evidence Collection in Cloud Computing

Nowadays there are many offerings of cloud services all over the world which have various security requirements depending on their business use. The compliance of these cloud services with the predefined security policies should be proven. In a cloud infrastructure this is not an easy job, because of its immense complexity. This paper proposes an architecture which uses software agents as its core components to collect evidence across the different layers of cloud infrastructures (Cloud Managment System, Hypervisor, VM, etc.) and builds a chain of evidence to prove compliance with predefined security policies.

[1]  Stefan Poslad,et al.  Specifying protocols for multi-agent systems interaction , 2007, TAAS.

[2]  M. Nikraz,et al.  A methodology for the analysis and design of multi-agent systems using JADE , 2006 .

[3]  Christoph Reich,et al.  Supporting Cloud Accountability by Collecting Evidence Using Audit Agents , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.

[4]  Agostino Poggi,et al.  Developing Multi-agent Systems with JADE , 2007, ATAL.

[5]  Martin Knahl,et al.  Validating Cloud Infrastructure Changes by Cloud Audits , 2012, 2012 IEEE Eighth World Congress on Services.

[6]  Valentina Casola,et al.  XACML: extensible Access Control Markup Language , 2010 .

[7]  Nicolas Lhuillier,et al.  FOUNDATION FOR INTELLIGENT PHYSICAL AGENTS , 2003 .

[8]  Karin Bernsmed,et al.  A Cloud Accountability Policy Representation Framework , 2014, CLOSER.

[9]  Christopher Millard,et al.  Cloud Computing Law , 2013 .

[10]  Philip Turner,et al.  Unification of Digital Evidence from Disparate Sources (Digital Evidence Bags) , 2005, DFRWS.

[11]  Timothy Grance,et al.  Guidelines on Security and Privacy in Public Cloud Computing | NIST , 2012 .

[12]  Bradley L. Schatz,et al.  An open architecture for digital evidence integration , 2006 .

[13]  Andreas Matheus,et al.  How to Declare Access Control Policies for XML Structured Information Objects using OASIS' eXtensible Access Control Markup Language (XACML) , 2005, Proceedings of the 38th Annual Hawaii International Conference on System Sciences.