A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
Cloud Monitoring And Forensic Using Security Metrics
1. CLOUD MONITORING AND
FORENSIC USING
SECURITY METRICS
Presented By:
Sandeep Saxena
Co-Author:
Goutam Sanyal
Galgotias college of Engineering & Technology, Greater Noida, India
2. Contents
INTRODUCTION
ANALYSIS OF PREVIOUS RESEARCHES
PROPOSED METHODOLOGY
PROPOSED GENERIC MODEL FOR CLOUD
MONITORING AND FORENSICS
CONCLUSION AND FUTURE WORK
REFRENCES
3. Introduction
Cloud computing is a new emerging technology in the era of
science. This immediately brings up several important
questions like-
Why we use cloud computing?
Is it real, or just another catchphrase?
How does it affect us?
Cloud Computing : Cloud paradigm is used to enable
expedient, on-demand network (cloud) access to a public
pool of configurable computing resources ( e.g. networks,
services, storage, application and services) that can be fast
stipulated and released with minimal management effort or
service provider interaction.
4. 2 types of cloud:
1. Public Cloud
2. Private cloud
Figure 1 : Public cloud ( Service Provider) and Private Cloud ( On-
Premises)
5. Analysis of Previous Research
Validation security design is based on model and
methodology approaches. For example NIST
Security made presents telecommunication architecture as
combination of 3 layers:
a. Infrastructure level: The set of hardware and software
components that provide telecommunication
functionality.
b. Service level: Billed customer traffic flows.
c. Application level: It motivates users to pay for the control
layer services.
6. Security Issues : Confidentiality , Integrity , Availability
For such issues , we need to monitor the user’s activity as
prevention measure to provide security to other users on
network.
Monitoring and Forensic is major concern of security for
taking appropriate action against intruder or attackers.
Architectural services of cloud computing:
a) Software-as-a-Service (SaaS): Salesforce.com, GoogleApps
etc.
b) Platform-as-a-Service(PaaS):Google Apps Engine
c) Infrastructure-as-a-service(IaaS): Amazon web services
7. According to Jennifer Bayuk : Iaas service provides
secure network and storage services and Saas provides
secure application service.
According to D.Zissis and D.Lekkas : Trusted third part
implemented to provide strong authentication for financial
transaction, authorization, data confidentiality and non
repudiation.
According to Gary C. Kessler: Find root cause of
forensics.
According to M. Tayor: Forensic experts install packet
sniffers and monitoring tools on targeted machine to collect
information. In private cloud it would be easy but in a
public cloud it will be more difficult.
8. Proposed Methodology
Monitor Consumer Activity and
Save Session log Records
Find any Malicious activity Match with
Signature
Automated Forensic System will be
activated to Store All Activities and Data
in Metrics
Stop Remote Access OR outside the
cloud services ( at the same time
massage send to consumer on phone
and Email )
Administrator check security metrics and
collect Data then send to higher authority
for legal Processing
Figure 2 : Monitoring and Forensic Methodology
9. Proposed Generic Model for Cloud
Computing and Forensics
Here we proposed an complete architecture to provide
service to our consumer included secure monitoring and
forensic system.
Service level agreement ( SLA ) : Signed by Consumer.
In our architecture , we used Host- based IDS for
monitoring of incoming and outgoing network
communication on consumer system. IDS includes both
anomaly detection and misuse detection techniques for
identifying activities on host system.
It includes 6 steps which are shows in figure 2.
11. Conclusion and Future work
We proposed a forensic methodology to assure the
confidentiality of user of cloud.
Create security matrix and audit trail for investigation.
Establish service level agreement (SLA) with customer.
In future, focus on rule base security matrix and integrity
of user’s data.
12. References
[1] Cary Landis and Dan Blacharski,“Cloud Computing
Made Easy” , Version 0.3.
[2] G. Stoneburner, “Underlying Technical Models for
Information Technology Security,” National Institute of
Standards and Technology, 2001
[3] G. McGraw, Software Security: Addison-Wesley,2006
[4] Google App Engine, http://appengine.google.com
[5]Amazon Elastic Compute Cloud(EC2),
http://www.amazon.com/ec2
[6]Gary C. Kessler, “Anti-Forensic and the Digital
Investigator” Champlain College Burlington, VT , USA
Edith Cowan University, Mount Lawley, WA, Australia
13. [7] CSA cloud Security Alliance, top Threats to cloud
Computing V1.0, 2010
[8] Shaftab Ahmad and M. yahin Akhtar Raja, “Tackling
Cloud Security Issues And Forensic Model”, IEEE 2010
[9] Jennifer Bayuk, “Cloud Security Metrics”, 6th
International Conference on System of Systems
Engineering, Albuquerque, New Mexico, USA –June 27-
30,2011 (IEEE)
[10] D. Zissis and D. Lekkas , “Addressing Cloud
Computing Security issues”, Future Generation Computer
System (2011) Elsevier, doi:10.1016/j.future.2010.12.006
[11] M.Tayor, J. Haggerty, D. Gresty and R. Hegarty,
“Digital evidence in cloud computing systems”, Computer
Law and Security Review 26 (2010)