Secure Evidence Collection and Storage for Cloud Accountability Audits

Thomas Ruebsamen; Tobias Pulls; Christoph Reich

doi:10.5220/0005408403210330

Secure Evidence Collection and Storage for Cloud Accountability Audits

Thomas Ruebsamen, Tobias Pulls, Christoph Reich

2015

Abstract

Cloud accountability audits can be used to strengthen trust of cloud service customers in cloud computing by providing reassurance regarding the correct processing of personal or confidential data in the cloud. However, such audits require various information to be collected. The types of information range from authentication and data access logging to location information, information on security controls and incident detection. Correct data processing has to be proven, which immediately shows the need for secure evidence record storage that also scales with the huge number of data sources as well as cloud customers. In this paper, we introduce Insyndãs a suitable cryptographic mechanism for storing evidence for accountability audits in our previously proposed cloud accountability audits architecture. We present our reasoning for choosing Insynd by showing a comparison of Insynd properties with requirements imposed by accountability evidence collection as well as an analysis how security threats are being mitigated by Insynd. Additionally, we describe an agent-based evidence collection process with a special focus on security and privacy protection.

Download

Paper Citation

in Harvard Style

Ruebsamen T., Pulls T. and Reich C. (2015). Secure Evidence Collection and Storage for Cloud Accountability Audits . In Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-104-5, pages 321-330. DOI: 10.5220/0005408403210330

in Bibtex Style

@conference{closer15,
author={Thomas Ruebsamen and Tobias Pulls and Christoph Reich},
title={Secure Evidence Collection and Storage for Cloud Accountability Audits},
booktitle={Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2015},
pages={321-330},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005408403210330},
isbn={978-989-758-104-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Secure Evidence Collection and Storage for Cloud Accountability Audits
SN - 978-989-758-104-5
AU - Ruebsamen T.
AU - Pulls T.
AU - Reich C.
PY - 2015
SP - 321
EP - 330
DO - 10.5220/0005408403210330