Loading [a11y]/accessibility-menu.js
Embedding a Distributed Auditing Mechanism in the Service Cloud | IEEE Conference Publication | IEEE Xplore

Embedding a Distributed Auditing Mechanism in the Service Cloud

Publisher: IEEE

Abstract:

The Cloud Security Alliance identified the "notorious nine" threats for cloud computing. The range of these threats across the cloud indicates that centralized prevention...View more

Abstract:

The Cloud Security Alliance identified the "notorious nine" threats for cloud computing. The range of these threats across the cloud indicates that centralized prevention and detection would be highly inefficient, potentially reporting incidents to tenants well after they occur and are difficult to mitigate. This paper presents an auditing framework for the service cloud that distributes logging, monitoring, and reporting at the local service level, at the application or session level that can involve multiple tenant services, and at the cloud level where corroboration and verification of threats takes place. To verify the forensic coverage of the framework, a set of CAPEC attack patterns are investigated to match attack evidence gathering and mitigation techniques with the proposed distributed detection and mitigation levels of the framework.
Date of Conference: 27 June 2014 - 02 July 2014
Date Added to IEEE Xplore: 22 September 2014
ISBN Information:
Print ISSN: 2378-3818
Publisher: IEEE
Conference Location: Anchorage, AK, USA

References

References is not available for this document.