Title :
An effective auditing scheme for cloud computing
Author :
Houlihan, Ruth ; Xiaojiang Du
Author_Institution :
Dept. of Comput. & Inf. Sci., Temple Univ., Philadelphia, PA, USA
Abstract :
In this paper, we present a novel secure auditing scheme for cloud computing systems. Several auditing schemes have been proposed for the cloud, which periodically trigger the auditing function. These schemes are designed to monitor the performance and behavior of the cloud. One major problem with these kind of schemes is that they are vulnerable to the transient attack (also known as the timed scrubbing attack). Our secure auditing scheme is able to prevent the transient attack via modification of the Linux auditing daemon - auditd, which creates attestable logs. Our scheme utilizes the System Management Mode (SMM) for integrity checks and the Trusted Platform Module (TPM) chip for attestable security. Specifically, we modify the auditing daemon protocol such that it records a hash of each audit log entry to the TPM´s Platform Configuration Register (PCR), which gives us an attestable history of every command executed on the cloud server. We perform real experiments on two cloud servers and the results show that the overhead of our scheme is very small.
Keywords :
Linux; auditing; cloud computing; cryptographic protocols; data integrity; network servers; trusted computing; Linux auditing daemon protocol; PCR; SMM; TPM chip; TPM platform configuration register; attestable logs; attestable security; audit log entry; auditing function; cloud behavior monitoring; cloud computing systems; cloud performance monitoring; cloud server; integrity checks; secure auditing scheme; system management mode; transient attack; trusted platform module chip; Cloud computing; auditing; performance;
Conference_Titel :
Global Communications Conference (GLOBECOM), 2012 IEEE
Conference_Location :
Anaheim, CA
Print_ISBN :
978-1-4673-0920-2
Electronic_ISBN :
1930-529X
DOI :
10.1109/GLOCOM.2012.6503342
