Advertisement

Agent-Based Evidence Collection in Cloud Computing

  • Philipp Ruf
  • Thomas Rübsamen
  • Christoph Reich
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8937)

Abstract

Nowadays there are many offerings of cloud services all over the world which have various security requirements depending on their business use. The compliance of these cloud services with the predefined security policies should be proven. In a cloud infrastructure this is not an easy job, because of its immense complexity. This paper proposes an architecture which uses software agents as its core components to collect evidence across the different layers of cloud infrastructures (Cloud Managment System, Hypervisor, VM, etc.) and builds a chain of evidence to prove compliance with predefined security policies.

Keywords

Cloud computing Evidence Persistence Accountability Audit 

Notes

Acknowledgment

This research is closely related to the A4Cloud Project.

References

  1. 1.
    Reich, P.D.C., Rübsamen, M.S.T.: Supporting cloud accountability by collecting evidence using audit agents. In: 2013 IEEE International Conference on Cloud Computing Technology and Science (2013)Google Scholar
  2. 2.
    Bellifemine, F.L., Caire, G., Greenwood, D.: Developing Multi-Agent Systems with JADE. Wiley Series in Agent Technology. Wiley, Chichester (2007)CrossRefGoogle Scholar
  3. 3.
    Turner, P.: Unification of Digital Evidence from Disparate Sources (Digital Evidence Bags). QinetiQGoogle Scholar
  4. 4.
    Schatz, B., Clark, A.: An open architecture for digital evidence integration. In: AusCERT Asia Pacific Information Technology Security ConferenceGoogle Scholar
  5. 5.
    Validating Cloud Infrastructure Changes by Cloud AuditsGoogle Scholar
  6. 6.
  7. 7.
  8. 8.
    Cloud Control. www.cloudcontrol.com
  9. 9.
    App Fog. www.appfog.com
  10. 10.
    Italia, T.: Java Agent DEvelopement framework. http://jade.tilab.com
  11. 11.
    Poslad, S.: Specifying protocols for multi-agent systems interaction. ACM Trans. Auton. Adap. Syst. (TAAS) 2(4), 1–24 (2007)Google Scholar
  12. 12.
    Foundation for Intelligent Physical Agents. http://www.fipa.org/
  13. 13.
    Reddy, P.I.P., Damodaram, D.A.: Implementation of Agent Based Dynamic Distributed ServiceGoogle Scholar
  14. 14.
    Nikraz, M., Caireb, G., Bahri, P.A.: A Methodology for the Analysis and Design of Multi-agent Systems using JADE. Telecom Italia LabGoogle Scholar
  15. 15.
    Jansen, W., Grance, T.: Guidelines on security and privacy in public cloud computing. National Institute of Standards and Technology, U.S. Department of Commerce (2011)Google Scholar
  16. 16.
    H2 Database Engine. http://www.h2database.com
  17. 17.
  18. 18.
    Tchamdjou, M.Y.D.E.: Agenten zur Erkennung von sensiblen Daten und deren Schutz. HFU, Technical reportGoogle Scholar
  19. 19.
    Accountability for the Cloud. http://www.a4cloud.eu/
  20. 20.
    XACML - Extensible Access Control Markup Language. www.oasis-open.org/
  21. 21.
    Benghabrit, W., Grall, H., Royer, J.-C., Sellami, M., Azraoui, M., Elkhiyaoui, K., Önen, M., Santana De Oliveira, A., Bernsmed, K.: A cloud accountability policy representation framework. In: CLOSER - 4th International Conference on Cloud Computing and Services Science, Barcelone, Espagne (2014). http://hal.inria.fr/hal-00941872
  22. 22.
    Bradshaw, S., Cunningham, A., Luciano, L.D.C., Hon, W.K., Hörnle, J., Reed, C., Walden, I. In: Millard, C. (ed.) Cloud Computing Law. Oxford University Press, Oxford (2013)Google Scholar
  23. 23.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Philipp Ruf
    • 1
  • Thomas Rübsamen
    • 1
  • Christoph Reich
    • 1
  1. 1.Cloud Research LabFurtwangen University of Applied ScienceFurtwangenGermany

Personalised recommendations