How to improve monitoring and auditing security properties in cloud storage?

  • Carlos André Batista de Carvalho
  • Nazim Agoulmine
  • Miguel Franklin de Castro
  • Rossana Maria de Castro Andrade

Resumo


A cloud storage service implements security mechanisms to protect users' data. Moreover, due to the loss of control over the cloud infrastructure, auditing and monitoring mechanisms are used to detect violations of security properties, increasing the trust and transparency in cloud services. However, there are flaws in existing solutions to ensure integrity, freshness and write-serializability properties. Then, we propose a monitoring and auditing mechanism to verify these properties, allowing to detect violations that are not identified by other solutions. Colored Petri Nets (CPNs) are used to model and validate the proposed mechanism. As results, the provider cannot deny the detected violations, and attacks are detected in real-time, except collusion attacks, identified only in our auditing phase.
Publicado
19/05/2017
CARVALHO, Carlos André Batista de; AGOULMINE, Nazim; CASTRO, Miguel Franklin de; ANDRADE, Rossana Maria de Castro. How to improve monitoring and auditing security properties in cloud storage?. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 35. , 2017, Belém. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2017 . ISSN 2177-9384.