Cloud runtime framework for user-level security auditing for the cloud system

Abstract

In recent years, For almost all IT services, cloud computing has emerged as an indispensable solution because of its ease of implementation and accessibility and the services that it provides connecting millions of users over the internet. However, the widespread adoption of cloud services into the technologies has its own difficulties starting from lack of transparency and accountability to threats and vulnerabilities. Traditional auditing techniques have its set of challenges which include lack of heterogeneity and data inconsistency. Runtime auditing techniques offer a solution to counter these problems although existing techniques cannot provide a practical solution when large clouds containing numerous datasets are concerned. This paper proposes a runtime auditing framework at user-level to improve security at the most vulnerable stage of the cloud architecture. It focuses on authentication and common access control mechanisms to implement an OpenStack based framework which is a widely deployed cloud management system. The focus is to reduce the response time and perform operations in a more effective and efficient manner. This helps to implement auditing on large cloud environments in a realistic time frame making the whole auditing process more efficient.