Planned maintenance
A system upgrade is planned for 10/12-2024, at 12:00-13:00. During this time DiVA will be unavailable.
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Security and Privacy Preservation of Evidence in Cloud Accountability Audits
Furtwangen University, Germany.
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).ORCID iD: 0000-0001-6459-8409
Furtwangen University, Germany.
2016 (English)In: Cloud Computing And Services Science, Closer 2015, 2016, p. 95-114Conference paper, Published paper (Refereed)
Resource type
Text
Abstract [en]

Cloud accountability audits are promising to strengthen trust in cloud computing by providing reassurance about the processing data in the cloud according to data handling and privacy policies. To effectively automate cloud accountability audits, various distributed evidence sources need to be considered during evaluation. The types of information range from authentication and data access logging to location information, information on security controls and incident detection. Securing that information quickly becomes a challenge in the system design, when the evidence that is needed for the audit is deemed sensitive or confidential information. This means that securing the evidence at-rest as well as in-transit is of utmost importance. In this paper, we present a system that is based on distributed software agents which enables secure evidence collection with the purpose of automated evaluation during cloud accountability audits. We thereby present the integration of Insynd as a suitable cryptographic mechanism for securing evidence. We present our reasoning for choosing Insynd by showing a comparison of Insynd properties with requirements imposed by accountability evidence collection as well as an analysis how security threats are being mitigated by Insynd. We put special emphasis on security and privacy protection in our system analysis.

Place, publisher, year, edition, pages
2016. p. 95-114
Series
Communications in Computer and Information Science, ISSN 1865-0929 ; 581
Keywords [en]
Cloud Computing, Virtual Machine, Cloud Service, Audit Task, Collection Agent
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-41203DOI: 10.1007/978-3-319-29582-4_6ISI: 000371383500006ISBN: 978-3-319-29582-4 (electronic)ISBN: 978-3-319-29581-7 (print)OAI: oai:DiVA.org:kau-41203DiVA, id: diva2:916335
Conference
5th International Conference on Cloud Computing and Services Science (CLOSER), MAY 20-22, 2015, Lisbon, PORTUGAL
Available from: 2016-04-01 Created: 2016-04-01 Last updated: 2019-12-19Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records

Pulls, Tobias

Search in DiVA

By author/editor
Pulls, Tobias
By organisation
Department of Mathematics and Computer Science (from 2013)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 720 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf