Toggle Main Menu Toggle Search

Open Access padlockePrints

A Generic Logging Template for Infrastructure as a Service Cloud

Lookup NU author(s): Winai Wongthai, Francisco Rocha Liberal Rocha, Professor Aad van Moorsel



Infrastructure as a Service (IaaS) consists of a cloud-based infrastructure to offer consumers raw computation resources such as storage and networking. These resources are billed using a pay-per-use cost model. However, this type of infrastructure is far from being a security haven as the seven main threats defined by the Cloud Security Alliance (CSA)indicate. Using logging systems can provide evidence to support accountability for an IaaS cloud, which helps us mitigating known threats. In this paper, we research to which extent such logging systems help mitigate risks associated with the threats identified by the CSA. A generic architecture 'template' for logging systems is proposed. This template encompasses all possible instantiations of logging solutions for IaaS cloud. We map existing logging systems to our generic template, and identify a logging solution to mitigate the risks associated with CSA threat number one (related to spam activities). We then argue that the template we suggest can be used to perform a systematic analysis of logging systems in terms of security before deploying them in production systems.

Publication metadata

Author(s): Wongthai W, Liberal Rocha F, van Moorsel A

Publication type: Report

Publication status: Published

Series Title: School of Computing Science Technical Report Series

Year: 2013

Pages: 11

Print publication date: 01/01/2013

Source Publication Date: 01-01-2013

Report Number: 1367

Institution: Newcastle University

Place Published: Newcastle upon Tyne