Cloud Security Baselines
3.6 CLOUD ACCOUNTABILITY
One of the main motivations underlying cloud comput- ing systems is the possibility to outsource complex com- putation and to store large amounts of data. However, to this date users have few, if any, technical ways to actually check resource consumption and data storage status, once they are “shipped” to the cloud providers. Cloud providers do not allow users to observe their inner workings, and users have no reliable information about their data whereabouts or the status of their actual computation. While encryption can ensure confidenti- ality of outsourced data, and access control can enhance these guarantees by controlling who is accessing what portion of data (or, more generally, resources), ensuring integrity and verifying data usage are difficult.
To cope with these issues, accountability is an important security requirement in cloud systems. Accountability aims at providing a detective, rather
than preventive solution to cloud users [50]. The goal is
not to protect data privacy or control resource usage, but rather to verify who has obtained access to resources,
and how. According to Ruebsamen and Reich [51],
cloud accountability can help “make data process- ing in the cloud more transparent”, so that “captured data- lifecycle events can be matched against policies in audits and thereby show the customer, that his data are handled appropriately”.
Unlike privacy protection technologies, which are built on the hide-it-or-lose-it perspective, accountability focuses on keeping the data usage transparent and track- able. Traditional accountability methods focus on data collection and post-mortem analysis, and third-party audits. Typically, an accountability system will include data collection, through log collection and event moni- toring, followed by auditing and analysis of the collected evidence to detected possible anomalies or simply check
actual data lineage. However, as stated by Ko et al. [50],
cloud computing’s promise of elasticity empowered by virtualization introduces several new complexities in accountability, related to the ability of processing and monitoring multiple virtual and physical resources, connected in a highly dynamic fashion. Further, log collection becomes a challenging task in itself, due to the potentially limited trust assumed at remote nodes,
which may not be reliable enough to collect the evidence required for effective accountability.
Though the current industry practice is based on reg- ulatory and contractual agreements between clients and cloud providers to ensure resource and data account-
ability [52], researchers have investigated ways to
overcome the above challenges through technical means. A common approach is to rely on logs produced as part of the computation and storage process, possibly aug- mented with ad-hoc information necessary to track access and other actions against the data. Recent work has proposed doing so by using digital evidence bags to address interoperability and evidence integrity, while additional metadata can be used to facilitate evidence
processing [51]. Others have proposed using agents to
facilitate distributed data collection and provide a more
dynamic infrastructure [26,53].
A related body of work, aiming at addressing simi- lar security issues, is the growing literature on cloud provenance. Cloud provenance focuses on recording ownership and processing history of data objects, and it is considered a vital component to the success of data
forensics in cloud computing [54,55]. In particular,
researchers have highlighted that provenance can be a way to derive the so-called chain of custody, which should clearly depict how the data were collected, ana- lyzed, and preserved. This is particularly important for cloud forensics, i.e., in case of legal dispute, to ensure that provenance information is admissible as evidence in court. Among existing proposals, a recent proposal on provenance relies on the notion of provable data
possession (PDP) [26], which essentially builds crypto-
graphic proofs of data possession that can be verified at the client end.
3.7 SUMMARY
This chapter discussed the security baselines for cloud computing and how its distributed and networked environment can scale the number of security threats cloud software and data face. The same vulnerabili- ties, threats, and attacks from traditional computing apply to cloud computing, with additional threats coming from the use of virtualized resources and hypervisors. This chapter also discussed counter- measures for threats at several layers of abstraction. Finally, this chapter addressed privacy and security in cloud storage services and multiclouds, and cloud accountability.
The biggest research challenge in cloud security is how cloud providers can assure a level of security to cloud cli- ents. Cloud clients have no option but to trust their cloud providers, and they usually have no assurances on the level of security actually being provided.
REFERENCES
1. M. Bishop, Computer Security: Art and Science, Addison Wesley, 2003.
2. W. Stallings and L. Brown, Computer Security Principles
and Practice, Pearson, 2012.
3. M. Goodrich and R. Tamassia, Introduction to Computer
Security, Pearson, 2010.
4. B. Grobauer, T. Walloschek and E. Stocker, Understanding Cloud Computing Vulnerabilities, IEEE Security &
Privacy, vol. 9, no. 2, pp. 50–57, 2011.
5. Z. Su and G. Wassermann, The Essence of Command Injection Attacks in Web Applications, ACM SIGPLAN-
SIGACT Symposium on Principles of Programming (POPL), pp. 372–382, 2006.
6. G. Wassermann and Z. Su, Static Detection of Cross- Site Scripting Vulnerabilities, International Conference
on Software Engineering (ICSE), pp. 171–180, 2008.
7. A. Barth, C. Jackson and J. C. Mitchell, Robust Defenses for Cross-Site Request Forgery, Proceedings of the 15th
ACM Conference on Computer and Communications Security (CCS), 2008.
8. K.-S. Lhee and S. J. Chapin, Buffer Overflow and Format String Overflow Vulnerabilities, Software—Practice and
Experience, vol. 33, no. 5, pp. 423–460, 2003.
9. A. Kadav and M. M. Swift, Understanding Modern Device Drivers, Conference on Architectural Support
for Programming Languages and Operating Systems (ASPLOS), 2012.
10. A. Srivastava and J. Giffin, Efficient Monitoring of Untrusted Kernel-Mode Execution, Network and
Distributed System Security Symposium (NDSS), 2011.
11. X. Xiong, D. Tian and P. Liu, Practical Protection of Kernel Integrity, Network and Distributed System
Security Symposium (NDSS), 2011.
12. D. Oliveira, N. Wetzel, M. Bucci, D. Sullivan and Y. Jin, Hardware-Software Collaboration for Secure Coexistence with Kernel Extensions, ACM Applied
Computing Review Journal, vol. 14, no. 3, pp. 22–35, 2014.
13. K. Hashizume, D. G. Rosado, E. Fernández-Medina and E. B. Fernandez, An Analysis of Security Issues for Cloud Computing, Journal of Internet Services and
Applications, vol. 4, pp. 5, 2013.
14. L. Ertaul, S. Singhal and S. Gökay, Security Challenges in Cloud Computing, Proceedings of the International
Conference on Security and Management (SAM),
pp. 36–42, 2010.
15. M. Tehranipoor, H. Salmani and X. Zhang, Integrated
Circuit Authentication—Hardware Trojans and Counterfeit Detection, Springer, 2014.
16. J. Kurose and K. Ross, Computer Networking: A Top-
Down Approach, Pearson, 2012.
17. J. S. Reuben, A Survey on Virtual Machine Security, Helsinki University of Technology, 2007.
18. Atmel, Bits and Pieces, Symmetric vs. Asymmetric Encryption: Which Way Is Better?, 2013, available at http://blog.atmel.com/2013/03/11/symmetric-vs-asym- metric-encryption-which-way-is-better/.
19. Microsoft, Microsoft Technet, Encryption, 2015, avail- able at https://technet.microsoft.com/en-us/library/ Cc962028.aspx.
20. T. Erl, R. Puttini and Z. Mahmood, Cloud Computing:
Concepts, Technology & Architecture, Prentice Hall, 2013.
21. Z. Wang and X. Jiang, HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity, IEEE Symposium on Security and Privacy, pp. 380–395, 2010.
22. N. Santos, K. Gummadi and R. Rodrigues, Towards Trusted Cloud Computing, Conference on Hot Topics in
Cloud Computing, 2009.
23. F. Zhang, Y. Huang, H. Wang, H. Chen and B. Zang, PALM: Security Preserving VM Live Migration for Systems with VMM-Enforced Protection, Trusted
Infrastructure Technologies Conference, pp. 9–18,
2008.
24. N. Bridge, 2013 Future of Cloud Computing Survey Reveals Business Driving Cloud Adoption in Everything as a Service Era, 2013, available at http:// www.northbridge.com/2013-future-cloud- computing- survey-reveals-business-driving-cloud-adoption- everything-service-era-it.
25. A. Cavoukian, Privacy in the Clouds, Identity in the
Information Society, vol. 1, no. 1, pp. 89–108, 2008.
26. R. Gellman, Privacy in the Clouds: Risks to Privacy and
Confidentiality from Cloud Computing, World Privacy
Forum, 2009.
27. P. T. Jaeger, J. Lin and J. M. Grimes, Cloud Computing and Information Policy: Computing in a Policy Cloud?,
Journal of Information Technology and Politics, vol. 5,
no. 3, pp. 269–283, 2009.
28. S. Pearson and A. Charlesworth, Accountability as
a Way Forward for Privacy Protection in the Cloud,
Hewlett-Packard Development Company (HPL-2009– 178), 2009.
29. D. Lin and A. Squicciarini, Data Protection Models for Service Provisioning in the Cloud, Proceedings of the
15th ACM Symposium on Access Control Models and Technologies, pp. 183–192, 2010.
30. M. Nabeel, E. Bertino, M. Kantarcioglu and B. Thuraisingham, Towards Privacy Preserving Access Control in the Cloud, 7th International Conference on
Collaborative Computing: Networking, Applications and Worksharing (Collaborate Com), pp. 172–180, 2001.
31. M. Nabeel, N. Shang and E. Bertino, Privacy Preserving Policy-Based Content Sharing in Public Clouds, IEEE
Transaction on Knowledge and Data Engineering,
32. N. Shang, M. Nabeel, F. Paci and E. Bertino, A Privacy-Preserving Approach to Policy-Based Content Dissemination, IEEE 26th International Conference on
Data Engineering (ICDE), pp. 944–955, 2010.
33. A. Sahai and B. Waters, Fuzzy Identity-Based Encryption,
Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT), pp. 457–473, 2005.
34. S. Sundareswaran, A. Squicciarini, D. Lin and S. Huang, Ensuring Distributed Accountability for Data Sharing in the Cloud, IEEE Transactions on Dependable and Secure
Computing (TDSC), vol. 9, no. 4, pp. 556–568, 2012.
35. M. Bawa, R. J. Bayardo, R. Agrawal and J. Vaidya, Privacy-Preserving Indexing of Documents on the Network, Very Large Data Base Journal, vol. 18, no. 4, pp. 837–856, 2009.
36. Y.-C. Chang and M. Mitzenmacher, Privacy Preserving Keyword Searches on Remote Encrypted Data, 2004.
37. Z. Yang and S. Z. N. Wright., Towards Privacy- Preserving Model Selection, PinKDD, pp. 138–152, 2007.
38. A. Squicciarini, S. Sundareswaran and D. Lin, Preventing Information Leakage from Indexing in the Cloud, IEEE
International Conference on Cloud Computing, 2010.
39. J. Weinman, Will Multiple Clouds Evolve into the Intercloud?, 2013, available at http://www.wired.com.
40. Y. Zhu, H. Hu, G.-J. Ahn and M. Yu, Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage, IEEE Transactions on Parallel
Distributed Systems, vol. 23, no. 12, pp. 2231–2244, 2012.
41. D. Owens, Securing Elasticity in the Cloud,
Communications of the ACM, vol. 53, pp. 46–51, 2010.
42. D. X. Song, D. Wagner and A. Perrig, Practical Techniques for Searches on Encrypted Data, IEEE
Symposium on Security and Privacy, pp. 44–55, 2000.
43. S. Kamara and K. Lauter, Cryptographic Cloud Storage,
Financial Cryptography and Data Security, Ser. Lecture Notes in Computer Science, vol. 6054, pp. 136–149, 2010.
44. R. Curtmola, J. A. Garay, S. Kamara and R. Ostrovsky, Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions, ACM Conference on Computer
and Communications Security (CCS), pp. 79–88, 2006.
45. H. Blodget, Amazon’s Cloud Crash Disaster Permanently Destroyed Many Customers’, 2011.
46. B. Chen, R. Curtmola, G. Ateniese and R. Burns, Remote Data Checking for Network Coding-Based Distributed Storage Systems, ACM Workshop on Cloud Computing
Security, pp. 31–42, 2010.
47. Y. Hu, Y. Xu, X. Wang, C. Zhan and P. Li, Cooperative Recovery of Distributed Storage Systems from Multiple Losses with Network Coding, IEEE Journal on Selected
Areas in Communications, vol. 28, pp. 268–276, 2010.
48. J. Li, D. Lin, A. Squicciarini and C. Jia, STRE: Privacy- Preserving Storage and Retrieval over Multiple Clouds,
10th International Conference on Security and Privacy in Communication Networks (SecureComm), 2014.
49. S. Kamara, C. Papamanthou and T. Roeder, Dynamic Searchable Symmetric Encryption, ACM Conference on
Computer and Communications Security, pp. 965–976,
2012.
50. R. K. L. Ko, et al., TrustCloud: A Framework for Accountability and Trust in Cloud Computing, IEEE
World Congress on Services, 2011.
51. T. Ruebsamen and C. Reich, Supporting Cloud Accountability by Collecting Evidence Using Audit Agents, IEEE 5th International Conference on Cloud
Computing Technology and Science (CloudCom), vol. 1,
2013.
52. S. Pearson, Toward Accountability in the Cloud, IEEE
Internet Computing, vol. 4, pp. 64–69, 2011.
53. S. Sundareswaran, A. C. Squicciarini and D. Lin, Ensuring Distributed Accountability for Data Sharing in the Cloud, IEEE Transactions on Dependable and
Secure Computing, pp. 556–568, 2012.
54. R. Lu, X. Lin, X. Liang and X. Shen, Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing, 5th ACM Symposium on Information,
Computer and Communications Security (ASIACCS),
pp. 282–292, 2010.
55. M. R. Asghar, M. Ion, G. Russello and B. Crispo, Securing Data Provenance in the Cloud, Proceedings
of the IFIP WG 11.4 International Conference on Open Problems in Network Security (iNetSec), 2011.
45