TY - GEN
T1 - A generic logging template for infrastructure as a service cloud
AU - Wongthai, Winai
AU - Rocha, Francisco Liberal
AU - Van Moorsel, Aad
PY - 2013
Y1 - 2013
N2 - Infrastructure as a Service (IaaS) consists of a cloud-based infrastructure to offer consumers raw computation resources such as storage and networking. These resources are billed using a pay-per-use cost model. However, this type of infrastructure is far from being a security haven as the seven main threats defined by the Cloud Security Alliance (CSA) indicate. Using logging systems can provide evidence to support accountability for an IaaS cloud, which helps us mitigating known threats. In this paper, we research to which extent such logging systems help mitigate risks associated with the threats identified by the CSA. A generic architecture 'template' for logging systems is proposed. This template encompasses all possible instantiations of logging solutions for IaaS cloud. We map existing logging systems to our generic template, and identify a logging solution to mitigate the risks associated with CSA threat number one (related to spam activities). We then argue that the template we suggest can be used to perform a systematic analysis of logging systems in terms of security before deploying them in production systems.
AB - Infrastructure as a Service (IaaS) consists of a cloud-based infrastructure to offer consumers raw computation resources such as storage and networking. These resources are billed using a pay-per-use cost model. However, this type of infrastructure is far from being a security haven as the seven main threats defined by the Cloud Security Alliance (CSA) indicate. Using logging systems can provide evidence to support accountability for an IaaS cloud, which helps us mitigating known threats. In this paper, we research to which extent such logging systems help mitigate risks associated with the threats identified by the CSA. A generic architecture 'template' for logging systems is proposed. This template encompasses all possible instantiations of logging solutions for IaaS cloud. We map existing logging systems to our generic template, and identify a logging solution to mitigate the risks associated with CSA threat number one (related to spam activities). We then argue that the template we suggest can be used to perform a systematic analysis of logging systems in terms of security before deploying them in production systems.
KW - cloud monitoring
KW - IaaS
KW - logging system
UR - https://www.scopus.com/pages/publications/84881450786
U2 - 10.1109/WAINA.2013.108
DO - 10.1109/WAINA.2013.108
M3 - Conference contribution
AN - SCOPUS:84881450786
SN - 9780769549521
T3 - Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
SP - 1153
EP - 1160
BT - Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
T2 - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
Y2 - 25 March 2013 through 28 March 2013
ER -