
The main contribution of this chapter was to present a background and literature review for the thesis. This chapter discussed the definitions of cloud computing and IaaS, the problems of IaaS, the CSA threats, how accountability and monitoring with logging systems assist in mitigating the risks associated with CSA threats, and an overview of the concepts of systematic provision of logging systems to support accountability in IaaS.

Chapter 3

Generic Logging Components for Infrastructure as a Service (IaaS) Cloud

This chapter addresses Gap 1 (c), which is the lack of security analysis of the logging systems themselves before the systems are deployed into real-world IaaS production, as discussed in Section 1.2. The previous chapter provided the holistic representation of the environment of logging systems in the cloud. This representation is utilised as the basis for the design of a generic framework of logging solutions to mitigate the risks associated with CSA threats (Objective 2). We call this framework generic logging components for infrastructure as a service, or IaaS, cloud.

Thus, the main contribution of this chapter is these generic logging components. To facilitate systematic support for accountability in the cloud, these generic logging components provide ways to build logging systems. The value of these generic logging components is to encompass all possible instantiations of logging solutions for IaaS cloud, and to provide a clear view of all components that relate to logging systems in IaaS. This view provides a basis for the analysis of logging systems' security before deployment. Thus, these generic logging components enable logging systems to be appropriately designed or manipulated by participating cloud parties such as a provider, customer, or auditor. As a result, this enhances systematic support for accountability in the cloud.

The remainder of the chapter is structured as follows. Section 3.1 discusses why we need generic logging components for accountability in IaaS. Section 3.2 discusses the importance of security analysis of logging systems in IaaS. Then, Section 3.3 proposes generic logging components of IaaS cloud. This section provides the details of the generic logging components and each component. Then the section discusses how these components assist in analysing the security of logging systems. The analysis includes integrity and privacy issues of a logging system.

Section 3.4 provides two case studies of how to use the generic logging components, and discussion related to the case studies. This section includes a case study of mapping HP Flogger onto the generic logging components for the purposes of security analysis, including integrity and privacy issues of the Flogger system; a case study of an identification of the appropriate logging system based on the generic logging components to mitigate the risks associated with CSA threat 1; discussion of possible solutions to the security issue of log files as F3 in the logging system in the spam case study; and discussion of how to detect other forms of attacks of threat 1 using logging solutions.

Section 3.5 provides an evaluation and discussion of the generic logging components. The section includes an evaluation of how these components satisfy their goals, and many other discussions of the generic logging components, which affect many aspects of logging systems in IaaS, as well as PaaS, such as applying the generic logging components to mitigate risks associated with CSA threats for PaaS, and a TCB size measurement of a logging system in the cloud based on the generic logging components. Finally, the chapter is briefly summarized and concluded in Section 3.6.

3.1 The need for generic logging components for accountability in IaaS

This section discusses why we need generic logging components for accountability in IaaS.

the union of all possible logging architectures that could be instantiated. In that sense, the generic logging components by themselves are not meant to be implemented, but offer the building blocks from which one can choose to create an actual logging solution. Moreover, with respect to faster system development, the generic logging components are flexible and implementation independent, and provide reusability. Importantly, they can be used as a tool for security analysis of logging systems in IaaS, as will be discussed in Section 3.2. They could be a starting point for building accountability systems to address the lack of trust in an IaaS.

3.2 The need for security analysis of logging systems in IaaS

This section discusses the importance of security analysis of logging systems in IaaS. [82] state that an important obstacle to users in adopting cloud computing is security and privacy issues. They also argue that to realise the prosperity in cloud computing literature, those issues need to be addressed beforehand. This perspective can be applied to the logging process as well: security and privacy issues of the logging systems have to be resolved before using them.

The security analysis of logging systems themselves is very important because the logging processes and log files are critical components and so they need to satisfy a set of security properties such as integrity and privacy. Hence, without the security analysis of logging systems, it could be difficult to effectively and efficiently build and deploy logging systems that can satisfy those security properties.

An IaaS environment, which involves virtualisation and more than one party, makes the security analysis of logging systems more complicated than one within a private organisation. Haeberlen [8] pointed out that one of the research challenges of the accountable cloud is that it needs to have mechanisms to allow legacy users to access the logging machine which deploys logging processes, but not to maintain the log files. Crosby and Wallach [83] agreed that ensuring the integrity of the log files is a critical part of a larger system.

This thesis considers the security analysis of logging systems as a significant criterion to establish the goals of the generic logging components, as will be discussed in Section 3.3.1. Then, this chapter focuses on where the logging processes and log files can precisely be inside the IaaS architecture. This is because the locations of these components in the IaaS can directly and significantly affect the security concerns of these components.