Integrity assurance in the cloud by combined PBA and provenance

Authors: Awad, A., Kadry, S., Lee, B., Maddodi, G. and O'Meara, E.

Journal: International Conference on Next Generation Mobile Applications, Services, and Technologies

Pages: 127-132

eISSN: 2161-2897

ISSN: 2161-2889

DOI: 10.1109/NGMAST.2016.15

Abstract:

In this paper, we propose a new integrity assurance system in the cloud by using both hard and soft attestations. By hard attestation, we mean the usage of trusted computing to certify the machines in the cloud or to detect any tampering on the system level, including boot, BIOS and operating system. The soft assurance mechanism is based on the analysis of the cloud provenance data, which are collected by logging kernel system calls. This mechanism is data-centric, which means that it allows the detection of any changes to data artifacts in the cloud. The results of our integrity assurance system are communicated to the user using the Cloud Trust Protocol (CTP) developed by the Cloud Security Alliance (CSA). Our proposed scheme is tested on an OpenStack cloud to show a proof of concept of our integrity assurance system.

Source: Scopus