TY - GEN
T1 - Accountable clouds
AU - Gehani, Ashish
AU - Ciocarlie, Gabriela F.
AU - Shankar, Natarajan
PY - 2013
Y1 - 2013
N2 - An increasing number of organizations are migrating their critical information technology services, from healthcare to business intelligence, into public cloud computing environments. However, even if cloud technologies are continuously evolving, they still have not reached a maturity level that allows them to provide users with high assurance about the security of their data beyond existent service level agreements (SLAs). To address this limitation, we propose a suite of mechanisms that enhances cloud computing technologies with more assurance capabilities. Assurance becomes a measurable property, quantified by the volume of evidence to audit and retain in a privacy-preserving and nonrepudiable fashion. By proactively collecting potential forensic evidence, the cloud becomes more accountable, while providing its regular services. In the case of a security breach, the cloud provides the appropriate reactive security framework for validating or repudiating claims. Moreover, different levels of assurance relate to different levels of storage and privacy protection requested by users, leading to an assurance-based price model for cloud services.
AB - An increasing number of organizations are migrating their critical information technology services, from healthcare to business intelligence, into public cloud computing environments. However, even if cloud technologies are continuously evolving, they still have not reached a maturity level that allows them to provide users with high assurance about the security of their data beyond existent service level agreements (SLAs). To address this limitation, we propose a suite of mechanisms that enhances cloud computing technologies with more assurance capabilities. Assurance becomes a measurable property, quantified by the volume of evidence to audit and retain in a privacy-preserving and nonrepudiable fashion. By proactively collecting potential forensic evidence, the cloud becomes more accountable, while providing its regular services. In the case of a security breach, the cloud provides the appropriate reactive security framework for validating or repudiating claims. Moreover, different levels of assurance relate to different levels of storage and privacy protection requested by users, leading to an assurance-based price model for cloud services.
UR - https://www.scopus.com/pages/publications/84893323615
UR - https://www.scopus.com/pages/publications/84893323615#tab=citedBy
U2 - 10.1109/THS.2013.6699038
DO - 10.1109/THS.2013.6699038
M3 - Conference contribution
AN - SCOPUS:84893323615
SN - 9781479915354
T3 - 2013 IEEE International Conference on Technologies for Homeland Security, HST 2013
SP - 403
EP - 407
BT - 2013 IEEE International Conference on Technologies for Homeland Security, HST 2013
T2 - 2013 13th IEEE International Conference on Technologies for Homeland Security, HST 2013
Y2 - 12 November 2013 through 14 November 2013
ER -