How to improve monitoring and auditing security properties in cloud storage?

Resumo

A cloud storage service implements security mechanisms to protect users' data. Moreover, due to the loss of control over the cloud infrastructure, auditing and monitoring mechanisms are used to detect violations of security properties, increasing the trust and transparency in cloud services. However, there are flaws in existing solutions to ensure integrity, freshness and write-serializability properties. Then, we propose a monitoring and auditing mechanism to verify these properties, allowing to detect violations that are not identified by other solutions. Colored Petri Nets (CPNs) are used to model and validate the proposed mechanism. As results, the provider cannot deny the detected violations, and attacks are detected in real-time, except collusion attacks, identified only in our auditing phase.