Embedding a Distributed Auditing Mechanism in the Service Cloud

Author

Alqahtani, Sarra ; Gamble, Rose

Author_Institution

Tandy Sch. of Comput. Sci., Univ. of Tulsa, Tulsa, OK, USA

fYear

2014

fDate

June 27 2014-July 2 2014

Firstpage

69

Lastpage

76

Abstract

The Cloud Security Alliance identified the "notorious nine" threats for cloud computing. The range of these threats across the cloud indicates that centralized prevention and detection would be highly inefficient, potentially reporting incidents to tenants well after they occur and are difficult to mitigate. This paper presents an auditing framework for the service cloud that distributes logging, monitoring, and reporting at the local service level, at the application or session level that can involve multiple tenant services, and at the cloud level where corroboration and verification of threats takes place. To verify the forensic coverage of the framework, a set of CAPEC attack patterns are investigated to match attack evidence gathering and mitigation techniques with the proposed distributed detection and mitigation levels of the framework.

Keywords

cloud computing; digital forensics; CAPEC attack patterns; attack evidence gathering; cloud computing; cloud security alliance; distributed auditing mechanism; forensic coverage; local service level; mitigation techniques; notorious nine threats; service cloud; session level; tenant services; Cloud computing; Clouds; Forensics; Monitoring; Security; Simple object access protocol; Attack forensics; Distributed auditing; Security; Service cloud;

fLanguage

English

Publisher

ieee

Conference_Titel

Services (SERVICES), 2014 IEEE World Congress on

Conference_Location

Anchorage, AK

Print_ISBN

978-1-4799-5068-3

Type

conf

DOI

10.1109/SERVICES.2014.22

Filename

6903246