NexTech 2021 Congress
October 03, 2021 to October 07, 2021 - Barcelona, Spain

  • UBICOMM 2021, The Fifteenth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies
  • ADVCOMP 2021, The Fifteenth International Conference on Advanced Engineering Computing and Applications in Sciences
  • SEMAPRO 2021, The Fifteenth International Conference on Advances in Semantic Processing
  • AMBIENT 2021, The Eleventh International Conference on Ambient Computing, Applications, Services and Technologies
  • EMERGING 2021, The Thirteenth International Conference on Emerging Networks and Systems Intelligence
  • DATA ANALYTICS 2021, The Tenth International Conference on Data Analytics
  • GLOBAL HEALTH 2021, The Tenth International Conference on Global Health Challenges
  • CYBER 2021, The Sixth International Conference on Cyber-Technologies and Cyber-Systems

SoftNet 2021 Congress
October 03, 2021 to October 07, 2021 - Barcelona, Spain

  • ICSEA 2021, The Sixteenth International Conference on Software Engineering Advances
  • ICSNC 2021, The Sixteenth International Conference on Systems and Networks Communications
  • CENTRIC 2021, The Fourteenth International Conference on Advances in Human-oriented and Personalized Mechanisms, Technologies, and Services
  • VALID 2021, The Thirteenth International Conference on Advances in System Testing and Validation Lifecycle
  • SIMUL 2021, The Thirteenth International Conference on Advances in System Simulation
  • SOTICS 2021, The Eleventh International Conference on Social Media Technologies, Communication, and Informatics
  • INNOV 2021, The Tenth International Conference on Communications, Computation, Networks and Technologies
  • HEALTHINFO 2021, The Sixth International Conference on Informatics and Assistive Technologies for Health-Care, Medical Support and Wellbeing

NetWare 2021 Congress
November 14, 2021 to November 18, 2021 - Athens, Greece

  • SENSORCOMM 2021, The Fifteenth International Conference on Sensor Technologies and Applications
  • SENSORDEVICES 2021, The Twelfth International Conference on Sensor Device Technologies and Applications
  • SECURWARE 2021, The Fifteenth International Conference on Emerging Security Information, Systems and Technologies
  • AFIN 2021, The Thirteenth International Conference on Advances in Future Internet
  • CENICS 2021, The Fourteenth International Conference on Advances in Circuits, Electronics and Micro-electronics
  • ICQNM 2021, The Fifteenth International Conference on Quantum, Nano/Bio, and Micro Technologies
  • FASSI 2021, The Seventh International Conference on Fundamentals and Advances in Software Systems Integration
  • GREEN 2021, The Sixth International Conference on Green Communications, Computing and Technologies

TrendNews 2021 Congress
November 14, 2021 to November 18, 2021 - Athens, Greece

  • CORETA 2021, Advances on Core Technologies and Applications
  • DIGITAL 2021, Advances on Societal Digital Transformation

 


ThinkMind // International Journal On Advances in Networks and Services, volume 6, numbers 1 and 2, 2013 // View article netser_v6_n12_2013_1


Sun Behind Clouds - On Automatic Cloud Security Audits and a Cloud Audit Policy Language

Authors:
Frank Doelitzscher
Thomas Ruebsamen
Tina Karbe
Martin Knahl
Christoph Reich
Nathan Clarke

Keywords: Cloud computing, security policies, Cloud audits, agents

Abstract:
Studies show that when it comes to an integration of Cloud computing into enterprises, chief information officers and management still see some dark Clouds on the horizon. The biggest one is the lack of security, which results in distrust and skepticism against the technology, mainly originating from an intransparency of Cloud environments. To increase this transparency, the Cloud Research Lab at Furtwangen University develops the Security Audit as a Service (SAaaS) architecture for Infrastructure as a Service Cloud environments. It is targeted to ensure that a desired security level is reached and maintained within a frequently changing Cloud infrastructure. Despite a traditional security audit, which includes a comprehensive and therefore time-consuming security check of a whole infrastructure, a Cloud security audit needs to be lightweight enough to be executed right after an infrastructure change occurred, and precisely target-oriented to perform an audit of the specific infrastructure components affected by this change. This is called a concurrent security audit. In this paper, a Cloud audit policy language for the SAaaS architecture gets presented. First, the design and implementation of the automated audit system of virtual machine images, which ensures legal and company policies, is described. Second, on-demand deployed software audit agents that maintain and validate the security compliance of running Cloud services, are discussed.

Pages: 1 to 16

Copyright: Copyright (c) to authors, 2013. Used with permission.

Publication date: June 30, 2013

Published in: journal

ISSN: 1942-2644

SERVICES CONTACT
2010 - 2017 © ThinkMind. All rights reserved.
Read Terms of Service and Privacy Policy.