论文信息 - Supporting Cloud Accountability by Collecting Evidence Using Audit Agents

Supporting Cloud Accountability by Collecting Evidence Using Audit Agents

Today's cloud services process data and let it often unclear to customers, how and by whom data is collected, stored and processed. This hinders the adoption of cloud computing by businesses. One way to address this problem is to make clouds more accountable, which has to be provable by third parties through audits. In this paper we present a cloud-adopted evidence collection process, possible evidence sources and discuss privacy issues in the context of audits. We introduce an agent based architecture, which is able to perform audit processing and reporting continuously. Agents can be specialized to perform specific audit tasks (e.g., log data analysis) whenever necessary, to reduce complexity and the amount of collected evidence information. Finally, a multi-provider scenario is discussed, which shows the usefulness of this approach.

Christoph Reich | Thomas Rübsamen

[1] Tal Garfinkel,et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.

[2] Bradley L. Schatz,et al. An open architecture for digital evidence integration , 2006 .

[3] Cong Wang,et al. Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[4] Simon Tjoa,et al. Evidence and Cloud Computing: The Virtual Machine Introspection Approach , 2013, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[5] André Årnes,et al. Storage and exchange formats for digital evidence , 2011, Digit. Investig..

[6] Frank Doelitzscher,et al. Sun Behind Clouds - On Automatic Cloud Security Audits and a Cloud Audit Policy Language , 2013 .

[7] Frank Doelitzscher,et al. An agent based business aware incident detection system for cloud environments , 2012, Journal of Cloud Computing: Advances, Systems and Applications.

[8] Samuel T. King,et al. ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.

[9] Xiaohui Liang,et al. Secure provenance: the essential of bread and butter of data forensics in cloud computing , 2010, ASIACCS '10.

[10] Wenke Lee,et al. Secure and Robust Monitoring of Virtual Machines through Guest-Assisted Introspection , 2012, RAID.