Abstract
For many companies, clouds are becoming an interesting alternative to a dedicated IT infrastructure. However, cloud computing also carries certain risks for both the customer and the cloud provider. The customer places his computation and data on machines he cannot directly control; the provider agrees to run a service whose details he does not know. If something goes wrong - for example, data leaks to a competitor, or the computation returns incorrect results - it can be difficult for customer and provider to determine which of them has caused the problem, and, in the absence of solid evidence, it is nearly impossible for them to hold each other responsible for the problem if a dispute arises.
In this paper, we propose that the cloud should be made accountable to both the customer and the provider. Both parties should be able to check whether the cloud is running the service as agreed. If a problem appears, they should be able to determine which of them is responsible, and to prove the presence of the problem to a third party, such as an arbitrator or a judge. We outline the technical requirements for an accountable cloud, and we describe several challenges that are not yet met by current accountability techniques.