nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Operational-Behavior Auditing in Cloud Storage

verfasst von : Zhaoyi Chen, Hui Tian, Jing Lu, Yiqiao Cai, Tian Wang, Yonghong Chen

Erschienen in: Cloud Computing, Security, Privacy in New Computing Environments

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As an indispensable branch of cloud computing, cloud storage enables individuals and organizations to enjoy large-scale and distributed storage capability in a multi-tenant service pattern. However, there is still a serious lack of mutual trust between the users and cloud service providers, since both of them can perform dishonest and malicious operational behaviors on cloud data. Secure audit for operational behaviors is vital for cloud forensic investigation, which collects and offers essential audit logs for a forensic investigator to track security incidents and accountability determination. Such an auditing service can help to achieve better security assurances within the whole life cycle of cloud data. In this paper, we present an auditing mode for operational behaviors in cloud storage, introduce the open issues in two main phases, log audit and forensic investigation, and discuss the future trends.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A Revocable Outsourcing Attribute-Based Encryption Scheme

Nächstes Kapitel Efficient Verifiable Multi-user Searchable Symmetric Encryption for Encrypted Data in the Cloud

Mell, P., Grance, T.: Draft NIST working definition of cloud computing. Technical report (2009). http://csrc.nist.gov/groups/SNS/cloud-computing/index.html

Wang, C., Ren, K., Lou, W., Jin, L.: Toward publicly auditable secure cloud data storage services. IEEE netw. 24, 19–24 (2010)CrossRef

Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16, 69–73 (2012)CrossRef

Ko, Ryan K.L., Lee, B.S., Pearson, S.: Towards achieving accountability, auditability and trust in cloud computing. In: Abraham, A., Mauri, J.L., Buford, John F., Suzuki, J., Thampi, Sabu M. (eds.) ACC 2011. CCIS, vol. 193, pp. 432–444. Springer, Heidelberg (2011). doi:10.1007/978-3-642-22726-4_45 CrossRef

Yang, K., Jia, X.: Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web 15, 409–428 (2012)CrossRef

Tian, H., Chen, Y., Chang, C.C., Jiang, H., Huang, Y., Chen, Y.H., Liu, J.: Dynamic-hash- table based public auditing for secure cloud storage. IEEE Trans. Serv. Comput. (2015). doi:10.1109/TSC.2015.2512589

Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22, 847–859 (2011)CrossRef

Juels, A., Kaliski, B.S.: PoRs: proofs of retrievability for large files. In: 14th ACM Conference on Computer and Communications Security, pp. 584–597 (2007)

Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008). doi:10.1007/978-3-540-89255-7_7 CrossRef

10.

Wang, G., Liu, Q., Wu, J.: A hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In: 17th ACM Conference on Computer and Communications Security, pp. 735–737 (2010)

11.

Yang, K., Jia, X., Ren, K., Zhang, B., Xie, R.: DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Trans. Inf. Forensics Secur. 8, 1790–1801 (2013)CrossRef

12.

Halevi, S., Harnik, D., Pinkas, B., Peleg, A.S.: Proofs of ownership in remote storage systems. In: 18th ACM Conference on Computer and Communications Security, pp. 49–500 (2011)

13.

Zheng, Q., Xu, S.: Secure and efficient proof of storage with deduplication. In: 2nd ACM Conference on Data and Application Security and privacy, pp. 1–12 (2012)

14.

Martini, B., Choo, K.K.R.: An integrated conceptual digital forensic framework for cloud computing. Digit. Invest. 9, 71–80 (2012)CrossRef

15.

Dykstra, J., Sherman, A.T.: Acquiring forensic evidence from infrastructure-as-a-service cloud computing: exploring and evaluating tools, trust, and techniques. Digit. Invest. 9, S90–S98 (2012)CrossRef

16.

Zawoad, S., Dutta, A.K., Hasan, R.: Towards building forensics enabled cloud through secure logging-as-a-service. IEEE Trans. Dependable Secure Comput. 13, 148–162 (2016)CrossRef

17.

Zawoad, S., Dutta, A.K., Hasan, R.: SecLaaS: secure logging-as-a-service for cloud forensics. In: 8th ACM SIGSAC Symposium Information, Computer and Communications Security, pp. 219–230 (2013)

18.

Bellare, M., Yee, B.: Forward integrity for secure audit logs. Technical report, Computer Science and Engineering Department (1997)

19.

Schneier, B., Kelsey, J.: Secure audit logs to support computer forensics. ACM Trans. Inf. Syst. Secur. 2, 159–176 (1999)CrossRef

20.

Ma, D., Tsudik, G.: A new approach to secure logging. ACM Trans. Storage 5, 1–21 (2009)CrossRef

21.

Yavuz, A.A., Ning, P., Reiter, M.K.: Efficient, compromise resilient and append-only cryptographic schemes for Secure audit logging. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 148–163. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32946-3_12 CrossRef

22.

Holt, J.E.: Logcrypt: forward security and public verification for secure audit logs. In: 4th Australasian Workshops on Grid Computing and E-research, pp. 203–211 (2006)

23.

Accorsi, R.: BBox: a distributed secure log architecture. In: Camenisch, J., Lambrinoudakis, C. (eds.) EuroPKI 2010. LNCS, vol. 6711, pp. 109–124. Springer, Heidelberg (2011). doi:10.1007/978-3-642-22633-5_8 CrossRef

24.

Stathopoulos, V., Kotzanikolaou, P., Magkos, E.: A framework for secure and verifiable logging in public communication networks. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 273–284. Springer, Heidelberg (2006). doi:10.1007/11962977_22 CrossRef

25.

Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J Cryptol. 17, 297–319 (2004)CrossRefMATHMathSciNet

26.

Roussev, V., Richard, L., G.G.: Breaking the performance wall: the case for distributed digital forensics. In: 2004 Digital Forensics Research Workshop, vol. 94 (2004)

27.

Marziale, L., Richard, G.G., Roussev, V.: Massive threading: using GPUs to increase the performance of digital forensics tools. Digit. Invest. 4, 73–81 (2007)CrossRef

28.

Francois, J., Wang, S., Bronzi, W.: Botcloud: Detecting botnets using mapreduce. In: IEEE International Workshop on Information Forensics and Security, pp. 1–6 (2011)

29.

Roussev, V., Wang, L., Richard, G., Marziale, L.: A cloud computing platform for large-scale forensic computing. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2009. IAICT, vol. 306, pp. 201–214. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04155-6_15 CrossRef

30.

Therdphapiyanak, J., Piromsopa, K.: Applying Hadoop for log analysis toward distributed IDS. In: 7th ACM International Conference on Ubiquitous Information Management and Communication, vol. 3 (2013)

31.

Lin, X., Wang, P., Wu, B.: Log analysis in cloud computing environment with Hadoop and Spark. In: 5th IEEE International Conference on Broadband Network and Multimedia Technology, pp. 273–276 (2013)

Titel: Operational-Behavior Auditing in Cloud Storage
verfasst von: Zhaoyi Chen
Hui Tian
Jing Lu
Yiqiao Cai
Tian Wang
Yonghong Chen
Verlag: Springer International Publishing
Buch: Cloud Computing, Security, Privacy in New Computing Environments
Print ISBN: 978-3-319-69604-1

Electronic ISBN: 978-3-319-69605-8

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-69605-8_15

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"