Secure Evidence Collection and Storage for Cloud Accountability Audits
Cloud accountability audits can be used to strengthen trust of cloud service customers in cloud computing by providing reassurance regarding the correct processing of personal or confidential data in the cloud. However, such audits require various information to be collected. The types of information range from authentication and data access logging to location information, information on security controls and incident detection. Correct data processing has to be proven, which immediately shows the need for secure evidence record storage that also scales with the huge number of data sources as well as cloud customers. In this paper, we introduce Insyndãs a suitable cryptographic mechanism for storing evidence for accountability audits in our previously proposed cloud accountability audits architecture. We present our reasoning for choosing Insynd by showing a comparison of Insynd properties with requirements imposed by accountability evidence collection as well as an analysis how security threats are being mitigated by Insynd. Additionally, we describe an agent-based evidence collection process with a special focus on security and privacy protection.
Ruebsamen T., Pulls T. and Reich C., "Secure Evidence Collection and Storage for Cloud Accountability Audits", in Proceedings of the 5th International Conference on Cloud Computing and Services Science, Page(s): 321-330, 2015, Lisbon, Portugal, ISBN 978-989-758-104-5, SCITEPRESS, DOI: 10.5220/0005408403210330.