Browse by author
Lookup NU author(s): Winai Wongthai, Francisco Rocha Liberal Rocha, Professor Aad van Moorsel
Infrastructure as a Service (IaaS) consists of a cloud-based infrastructure to offer consumers raw computation resources such as storage and networking. These resources are billed using a pay-per-use cost model. However, this type of infrastructure is far from being a security haven as the seven main threats defined by the Cloud Security Alliance (CSA)indicate. Using logging systems can provide evidence to support accountability for an IaaS cloud, which helps us mitigating known threats. In this paper, we research to which extent such logging systems help mitigate risks associated with the threats identified by the CSA. A generic architecture 'template' for logging systems is proposed. This template encompasses all possible instantiations of logging solutions for IaaS cloud. We map existing logging systems to our generic template, and identify a logging solution to mitigate the risks associated with CSA threat number one (related to spam activities). We then argue that the template we suggest can be used to perform a systematic analysis of logging systems in terms of security before deploying them in production systems.
Author(s): Wongthai W, Liberal Rocha F, van Moorsel A
Publication type: Report
Publication status: Published
Series Title: School of Computing Science Technical Report Series
Year: 2013
Pages: 11
Print publication date: 01/01/2013
Source Publication Date: 01-01-2013
Report Number: 1367
Institution: Newcastle University
Place Published: Newcastle upon Tyne
URL: http://www.cs.ncl.ac.uk/publications/trs/papers/1367.pdf
