Computer Science ›› 2017, Vol. 44 ›› Issue (7): 16-20.doi: 10.11896/j.issn.1002-137X.2017.07.003

Previous Articles     Next Articles

Review on Security Audit Technology for Cloud Computing

WANG Wen-juan, DU Xue-hui, WANG Na and SHAN Di-bin   

  • Online:2018-11-13 Published:2018-11-13

Abstract: Now the security concern has become a huge impediment to the development of cloud computing.Due to the specific characteristics such as data and service outsourcing,virtualization,multi-tenant and cross domain sharing,the cloud computing environment faces more complicated threats compared with traditional IT environment,and the security audit technology also needs higher demands.Firstly,this paper analyzed the main challenges that cloud security audit confronts with,proposed a security audit technology framework in cloud environment which provides all-around examination from four dimensions such as user dimension,business dimension,data dimension,infrastructure dimension.Then according to different dimensions,the studies were reviewed from three aspects including log audit,storage audit and configuration audit,in order to provide useful reference to the development research of security audit for cloud computing in our country.

Key words: Cloud computing,Security audit,Log audit,Storage audit,Configuration audit

[1] MELL P,GRANCE T.NIST Definition of Cloud Computing,Sp.Publication 800-145.2011.http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.
[2] The Notorious Nine:Cloud Computing Top Threats in 2013[EB/OL].http://www.cloudsecurityalliance.org/group/top-threats.
[3] LibVMI.http://github.com/libvmi/ libvmi.
[4] LUO J Z,JIN J H,SONG A B,et al.Cloud computing:architecture and key technologies[J].Journal on Communications,2011,32(7):3-21.(in Chinese) 罗军舟,金嘉晖,宋爱波,等.云计算:体系架构与关键技术[J].通信学报,2011,32(7):3-21.
[5] FENG C S,QIN Z G,YUAN D.Techniques of Secure Storage for Cloud Data[J].Chinese Juounal of Computer,2015,38(1):150-163.(in Chinese) 冯朝胜,秦志光,袁丁.云数据安全存储技术[J].计算机学报,2015,38(1):150-163.
[6] CHEN Y R.Research on User Behavior Authentication and Security Control in Cloud Computing[D].Beijing:University of Science and Technology Beijing,2012.(in Chinese) 陈亚睿.云计算环境下用户行为认证与安全控制研究[D].北京:北京科技大学,2012.
[7] FENG D G,ZHANG M,ZHANG Y,et al.Study on Cloud Computing Security[J].Journal of Software,2011,22(1):71-83.(in Chinese) 冯登国,张敏,张妍,等.云计算安全研究[J].软件学报,2011,2(1):71-83.
[8] LUNA G J,LANGENBERG R,SURI N.Benchmarking cloudsecurity level agreements using quantitative policy trees [C]∥ACM Workshop on Cloud Computing Security Workshop.2012:103-112.
[9] SHETTY S.Auditing and Analysis of Network Traffic in Cloud Environment[C]∥IEEE Ninth World Congress on Services.2013:235-258.
[10] BIRNBAUM Z,LIU B,DOLGIKH A,et al.Cloud Security Auditing Based on Behavioral Modeling[J].International Journal of Business Process Integration & Management,2013,7(2):268-273.
[11] GANJALI A,LIE D.Auditing Cloud Administrators Using Information Flow Tracking[C]∥Proceedings of the 7th ACM Workshop on Scalable Trusted Computing.2012:79-84.
[12] WANG X,ZHANG J,WANG M,et al.CDCAS:A Novel Cloud Data Center Security Auditing System[C]∥IEEE International Conference on Services Computing.IEEE,2014:605-612.
[13] BIRK D,WEGENER C.Technical Issues of Forensic Investigations in Cloud Computing Environments[C]∥IEEE Sixth International Workshop on Systematic Approaches To Digital Forensic Engineering.IEEE,2011:1-10.
[14] ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]∥ACM Conference on Computer and Communications Security.ACM,2007:598-609.
[15] ATENIESE G,PIETRO R D,MANCINI L V,et al.Scalable and Efficient Provable Data Possession[C]∥Proceedings of the 4th International Conference on Security and Privacy in Communication Networks.ACM,2008:1-10.
[16] JUELS A,KALISKI B S.Pors:proofs of retrievability for large files[C]∥ACM Conference on Computer and Communications Security.ACM,2007:584-597.
[17] WANG C,CHOW S S M,WANG Q,et al.Privacy-PreservingPublic Auditing for Secure Cloud Storage[J].IEEE Transactions on Computers,2013,2009(2):362-375.
[18] WANG Q,WANG C,LI J,et al.Enabling Public Verifiabilityand Data Dynamics for Storage Security in Cloud Computing[C]∥European Conference on Research in Computer Security.Sprin-ger-Verlag,2009:355-370.
[19] ZHU Y,WANG H,HU Z,et al.Dynamic audit services for integrity verification of outsourced storages in clouds[C]∥Proc.of the 2011 ACM Symposium on Applied Computing(SAC).2011:1550-1557.
[20] KAI H,CHUANHE H,JINHAI W,et al.An Efficient PublicBatch Auditing Protocol for Data Security in Multi-cloud Sto-rage[C]∥Chinagrid Conference.IEEE Computer Society,2013:51-56.
[21] YANG K,JIA X.An Efficient and Secure Dynamic AuditingProtocol for Data Storage in Cloud Computing[J].IEEE Transa-ctions on Parallel & Distributed Systems,2013,24(9):1717-1726.
[22] HE K,HUANG C H,WANG X M,et al.Aggregated privacy-preserving auditing for cloud data integrity[J].Journal on Communications,2015,6(10):119-132.(in Chinese) 何凯,黄传河,王小毛,等.云存储中数据完整性的聚合盲审计方法[J].通信学报,2015,6(10):119-132.
[23] BLEIKERTZ S,SCHUNTER M.Security audits of multi-tiervirtual infrastructures in public infrastructure clouds[C]∥Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop.New York:ACM Press,2010:93-102.
[24] BLEIKERTZ S.Automated Security Analysis of Infrastructure Clouds[J].Institutt for Telematikk,2010,18:113-122.
[25] DOELITZSCHER F,FISHER C,MOSKAL D,et al.Validating Cloud Infrastructure Changes by Cloud Audits[C]∥Services.2012:377-384.
[26] DOELITZSCHER F,REICH C,KNAHL M,et al.An agentbased business aware incident detection system for cloud environments[J].Journal of Cloud Computing,2012,1(1):1-19.
[27] MADI T,MAJUMDAR S,WANG Y,et al.Auditing Security Compliance of the Virtualized Infrastructure in the Cloud:Application to OpenStack[C]∥ACM Conference on Data and Application Security and Privacy.ACM,2016:195-206.

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!