Abstract
Nowadays there are many offerings of cloud services all over the world which have various security requirements depending on their business use. The compliance of these cloud services with the predefined security policies should be proven. In a cloud infrastructure this is not an easy job, because of its immense complexity. This paper proposes an architecture which uses software agents as its core components to collect evidence across the different layers of cloud infrastructures (Cloud Managment System, Hypervisor, VM, etc.) and builds a chain of evidence to prove compliance with predefined security policies.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Reich, P.D.C., Rübsamen, M.S.T.: Supporting cloud accountability by collecting evidence using audit agents. In: 2013 IEEE International Conference on Cloud Computing Technology and Science (2013)
Bellifemine, F.L., Caire, G., Greenwood, D.: Developing Multi-Agent Systems with JADE. Wiley Series in Agent Technology. Wiley, Chichester (2007)
Turner, P.: Unification of Digital Evidence from Disparate Sources (Digital Evidence Bags). QinetiQ
Schatz, B., Clark, A.: An open architecture for digital evidence integration. In: AusCERT Asia Pacific Information Technology Security Conference
Validating Cloud Infrastructure Changes by Cloud Audits
Nagios. www.nagios.com
New Relic. http://www.newrelic.com/
Cloud Control. www.cloudcontrol.com
App Fog. www.appfog.com
Italia, T.: Java Agent DEvelopement framework. http://jade.tilab.com
Poslad, S.: Specifying protocols for multi-agent systems interaction. ACM Trans. Auton. Adap. Syst. (TAAS) 2(4), 1–24 (2007)
Foundation for Intelligent Physical Agents. http://www.fipa.org/
Reddy, P.I.P., Damodaram, D.A.: Implementation of Agent Based Dynamic Distributed Service
Nikraz, M., Caireb, G., Bahri, P.A.: A Methodology for the Analysis and Design of Multi-agent Systems using JADE. Telecom Italia Lab
Jansen, W., Grance, T.: Guidelines on security and privacy in public cloud computing. National Institute of Standards and Technology, U.S. Department of Commerce (2011)
H2 Database Engine. http://www.h2database.com
Open Nebula. http://opennebula.org/
Tchamdjou, M.Y.D.E.: Agenten zur Erkennung von sensiblen Daten und deren Schutz. HFU, Technical report
Accountability for the Cloud. http://www.a4cloud.eu/
XACML - Extensible Access Control Markup Language. www.oasis-open.org/
Benghabrit, W., Grall, H., Royer, J.-C., Sellami, M., Azraoui, M., Elkhiyaoui, K., Önen, M., Santana De Oliveira, A., Bernsmed, K.: A cloud accountability policy representation framework. In: CLOSER - 4th International Conference on Cloud Computing and Services Science, Barcelone, Espagne (2014). http://hal.inria.fr/hal-00941872
Bradshaw, S., Cunningham, A., Luciano, L.D.C., Hon, W.K., Hörnle, J., Reed, C., Walden, I. In: Millard, C. (ed.) Cloud Computing Law. Oxford University Press, Oxford (2013)
Cloud Trust Protocol. https://cloudsecurityalliance.org/research/ctp/
Acknowledgment
This research is closely related to the A4Cloud Project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Ruf, P., Rübsamen, T., Reich, C. (2015). Agent-Based Evidence Collection in Cloud Computing. In: Felici, M., Fernández-Gago, C. (eds) Accountability and Security in the Cloud. A4Cloud 2014. Lecture Notes in Computer Science(), vol 8937. Springer, Cham. https://doi.org/10.1007/978-3-319-17199-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-17199-9_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17198-2
Online ISBN: 978-3-319-17199-9
eBook Packages: Computer ScienceComputer Science (R0)