Adopting an Agent and Event Driven Approach for Enabling Mutual Auditability and Security Transparency in Cloud based Services

Moussa Ouedraogo; Eric Dubois; Djamel Khadraoui; Sebastien Poggi; Benoit Chenal

doi:10.5220/0005496205650572

Adopting an Agent and Event Driven Approach for Enabling Mutual Auditability and Security Transparency in Cloud based Services

Moussa Ouedraogo, Eric Dubois, Djamel Khadraoui, Sebastien Poggi, Benoit Chenal

2015

Abstract

We propose an event-driven approach for the automated audit of cloud based services security. The proposed approach is a solution to two of the intrinsic security issues of cloud based services, notably the need of security transparency and mutual auditability amongst the stakeholders. We leverage a logic based event specification language to represent patterns of events which occurrence can be evidence of security anomaly or breach or simply a sign of a nefarious use of the cloud infrastructure by some of its users. The use of dedicated algorithms for the detection of composite events coalesced with the definition of primitive events structure based on XCCDF format ensures the reuse and interoperability with security audit tools based on the Security Content and Automation Protocol-SCAP. The implementation and application of the approach on a cloud service dealing with electronic archiving have demonstrated its feasibility and viability.

Download

Paper Citation

in Harvard Style

Ouedraogo M., Dubois E., Khadraoui D., Poggi S. and Chenal B. (2015). Adopting an Agent and Event Driven Approach for Enabling Mutual Auditability and Security Transparency in Cloud based Services . In Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-104-5, pages 565-572. DOI: 10.5220/0005496205650572

in Bibtex Style

@conference{closer15,
author={Moussa Ouedraogo and Eric Dubois and Djamel Khadraoui and Sebastien Poggi and Benoit Chenal},
title={Adopting an Agent and Event Driven Approach for Enabling Mutual Auditability and Security Transparency in Cloud based Services},
booktitle={Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2015},
pages={565-572},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005496205650572},
isbn={978-989-758-104-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Adopting an Agent and Event Driven Approach for Enabling Mutual Auditability and Security Transparency in Cloud based Services
SN - 978-989-758-104-5
AU - Ouedraogo M.
AU - Dubois E.
AU - Khadraoui D.
AU - Poggi S.
AU - Chenal B.
PY - 2015
SP - 565
EP - 572
DO - 10.5220/0005496205650572