An effective auditing scheme for cloud computing

Ryan Houlihan, Xiaojiang Du

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

8 Scopus citations

Abstract

In this paper, we present a novel secure auditing scheme for cloud computing systems. Several auditing schemes have been proposed for the cloud, which periodically trigger the auditing function. These schemes are designed to monitor the performance and behavior of the cloud. One major problem with these kind of schemes is that they are vulnerable to the transient attack (also known as the timed scrubbing attack). Our secure auditing scheme is able to prevent the transient attack via modification of the Linux auditing daemon - auditd, which creates attestable logs. Our scheme utilizes the System Management Mode (SMM) for integrity checks and the Trusted Platform Module (TPM) chip for attestable security. Specifically, we modify the auditing daemon protocol such that it records a hash of each audit log entry to the TPM's Platform Configuration Register (PCR), which gives us an attestable history of every command executed on the cloud server. We perform real experiments on two cloud servers and the results show that the overhead of our scheme is very small.

Original languageEnglish
Title of host publication2012 IEEE Global Communications Conference, GLOBECOM 2012
Pages1599-1604
Number of pages6
DOIs
StatePublished - 2012
Event2012 IEEE Global Communications Conference, GLOBECOM 2012 - Anaheim, CA, United States
Duration: 3 Dec 20127 Dec 2012

Publication series

NameProceedings - IEEE Global Communications Conference, GLOBECOM
ISSN (Print)2334-0983
ISSN (Electronic)2576-6813

Conference

Conference2012 IEEE Global Communications Conference, GLOBECOM 2012
Country/TerritoryUnited States
CityAnaheim, CA
Period3/12/127/12/12

Keywords

  • Cloud computing
  • auditing
  • performance

Fingerprint

Dive into the research topics of 'An effective auditing scheme for cloud computing'. Together they form a unique fingerprint.

Cite this