ProSAS: Proactive Security Auditing System for Clouds

The multi-tenancy in a cloud along with its dynamic and self-service nature could cause severe security concerns. To mitigate such concerns and ensure the accountability and transparency of the cloud providers towards their tenants, security auditing is a promising solution. However, the existing se...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on dependable and secure computing 2022-07, Vol.19 (4), p.1-1
Hauptverfasser: Majumdar, Suryadipta, Chawla, Gagandeep Singh, Alimohammadifar, Amir, Madi, Taous, Jarraya, Yosr, Pourzandi, Makan, Wang, Lingyu, Debbabi, Mourad
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The multi-tenancy in a cloud along with its dynamic and self-service nature could cause severe security concerns. To mitigate such concerns and ensure the accountability and transparency of the cloud providers towards their tenants, security auditing is a promising solution. However, the existing security auditing solutions for clouds suffer from several limitations. First, the traditional auditing approach, which is retroactive in nature, can only detect violations after the fact and hence, often becomes ineffective while dealing with the dynamic nature of a cloud. Second, the existing runtime approaches can cause significant delay in the response time while dealing with the sheer size of a cloud. Finally, the current proactive approaches typically rely on prior knowledge about future changes in a cloud and also require significant manual efforts, and thus become less practical for a dynamic environment like cloud. To address those limitations, we present a novel proactive security auditing system, namely, ProSAS, which can prevent violations to security policies at runtime with a practical response time, and yet does not require prior knowledge about future changes. ProSAS is integrated into OpenStack, a popular cloud platform. Our experiment results using both synthetic and real data demonstrate its efficiency and accuracy.
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2021.3062204