Cloudopsy: An autopsy of data flows in the cloud

Angeliki Zavou, Vasilis Pappas, Vasileios P. Kemerlis, Michalis Polychronakis, Georgios Portokalidis, Angelos D. Keromytis

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

10 Scopus citations

Abstract

Despite the apparent advantages of cloud computing, the fear of unauthorized exposure of sensitive user data [3,4,8,13] and non-compliance to privacy restrictions impedes its adoption for security-sensitive tasks. For the common setting in which the cloud infrastructure provider and the online service provider are different, end users have to trust the efforts of both of these parties for properly handling their private data as intended. To address this challenge, in this work, we take a step towards elevating the confidence of users for the safety of their cloud-resident data by introducing Cloudopsy, a service with the goal to provide a visual autopsy of the exchange of user data in the cloud premises. Cloudopsy offers a user-friendly interface to the customers of the cloud-hosted services to independently monitor and get a better understanding of the handling of their cloud-resident sensitive data by the third-party cloud-hosted services. While the framework is targeted mostly towards the end users, Cloudopsy provides also the service providers with an additional layer of protection against illegitimate data flows, e.g., inadvertent data leaks, by offering a graphical more meaningful representation of the overall service dependencies and the relationships with third-parties outside the cloud premises, as they derive from the collected audit logs. The novelty of Cloudopsy lies in the fact that it leverages the power of visualization when presenting the final audit information to the end users (and the service providers), which adds significant benefits to the understanding of rich but ever-increasing audit trails. One of the most obvious benefits of the resulting visualization is the ability to better understand ongoing events, detect anomalies, and reduce decision latency, which can be particularly valuable in real-time environments.

Original languageEnglish
Title of host publicationHuman Aspects of Information Security, Privacy, and Trust - First International Conference, HAS 2013, Held as Part of HCI International 2013, Proceedings
Pages366-375
Number of pages10
DOIs
StatePublished - 2013
Event1st International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS 2013, Held as Part of 15th International Conference on Human-Computer Interaction, HCI 2013 - Las Vegas, NV, United States
Duration: 21 Jul 201326 Jul 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8030 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference1st International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS 2013, Held as Part of 15th International Conference on Human-Computer Interaction, HCI 2013
Country/TerritoryUnited States
CityLas Vegas, NV
Period21/07/1326/07/13

Fingerprint

Dive into the research topics of 'Cloudopsy: An autopsy of data flows in the cloud'. Together they form a unique fingerprint.

Cite this