Accountability for Federated Clouds
The evolution of software service delivery has changed the way accountability is performed. The complexity related to cloud computing environments increases the difficulty in properly performing accountability, since the evidences are spread through the whole infrastructure, from different servers at physical, virtualization, and application layers. This complexity increases when we are considering cloud federation because besides the inherent complexity of the virtualized environment, the federation members may not implement the same security procedures and policies. The main objective of this chapter is to present concepts about cloud security, discussing why accountability in federated scenarios is important and hard to provide, and propose an accountability framework, named CloudAcc, that supports audit, management, planning and billing process in federated cloud environments.
- 7.Castelluccia, C., Druschel, P., Hübner, S., Pasic, A., Preneel, B., & Tschofenig, H. (2011). Privacy, accountability and trust-challenges and opportunities. ENISA [Online]. Available: http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/pat-study/atdownload/fullReport.
- 9.Erl, T. (2008). Soa: Principles of service design (Vol. 1). Upper Saddle River: Prentice Hall.Google Scholar
- 14.Malhotra, A., Van Gundy, M., Varia, M., Kennedy, H., Gardner, J., & Goldberg, S. (2016). The security of NTP’s datagram protocol. Cryptology ePrint Archive, Report 2016/055. http://eprint.iacr.org/2016/055.
- 15.Mell, P., & Grance, T. (2011). The NIST definition of cloud computing [online]. Available: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.Google Scholar
- 16.Nakahara, S., & Ishimoto, H. (2010). A study on the requirements of accountable cloud services and log management. In 2010 8th Asia-Pacific Symposium on Information and Telecommunication Technologies (APSITT) (pp. 1–6). New York: IEEE.Google Scholar
- 17.National Security Agency and Central Security Service. (2016). Information assurance directorate. https://cryptome.org/2016/01/CNSA-Suite-and-Quantum-Computing-FAQ.pdf, Accessed: 2016-09-27.
- 21.Rodrigues, T. G. (2016). Cloudacc: A cloud-based accountability frameworkfor federated cloud. PhD Thesis.Google Scholar
- 22.Sklavos, N., & Souras, P. (2006). Economic models & approaches in information security for computer networks. IJ Network Security, 2(1), 14–20.Google Scholar