Security Monitoring SLA Verification in Clouds: the Case of Data Integrity

Amir Teshome Wonjiga 1 Louis Rilling 1 Christine Morin 1
1 MYRIADS - Design and Implementation of Autonomous Distributed Systems
Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : The cloud computing business model introduced a new paradigm in terms of ownership of a system. Before the cloud, a user acquires physical infrastructure and uses it by installing and configuring according to her/his needs. In that scenario, the full system is owned by a single entity. In the cloud, when the user outsources a service for a cloud provider the user owns some part of the system while the provider owns the remaining part. Thus, ownership in the cloud is divided between different entities. Clients hosting their information system need to trust and rely on what the providers claim. At the same time providers try to give assurance for some aspects of the provided service (e.g. availability) through service level agreements (SLAs). We aim at extending SLAs to include security monitoring terms. In a previous study [1] we proposed an SLA verification method for security monitoring SLAs describing the performance on an NIDS. In this paper we consider an SLA guaranteeing the integrity of tenants’ data stored in the cloud. The tenant outsources data storage service to a Storage as a Service cloud provider. In such a system the data is owned by the tenant while the provider owns the infrastructure. We consider an SLA offered by the provider to guarantee the integrity of tenants’ data. In this paper, we propose a verification method, i.e. an integrity checking method, which is based on a distributed ledger. Specifically, our proposed method allows both providers and tenants to perform integrity checking without one party relying on the other. The method uses a blockchain as a distributed ledger to store evidences of data integrity. Assuming the ledger as a secure, trusted source of information, the evidence can be used to resolve conflicts between providers and tenants. In addition, we present a prototype implementation and an experimental evaluation to show the feasibility of our verification method and to measure the time overhead introduced.
Document type :
Reports
Complete list of metadatas

Cited literature [35 references]  Display  Hide  Download

https://hal.inria.fr/hal-02084186
Contributor : Amir Teshome Wonjiga <>
Submitted on : Friday, March 29, 2019 - 2:35:39 PM
Last modification on : Friday, September 13, 2019 - 9:51:33 AM
Long-term archiving on : Sunday, June 30, 2019 - 2:51:14 PM

File

RR-9267.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02084186, version 1

Citation

Amir Teshome Wonjiga, Louis Rilling, Christine Morin. Security Monitoring SLA Verification in Clouds: the Case of Data Integrity. [Research Report] RR-9267, Inria Rennes - Bretagne Atlantique. 2019, pp.1-29. ⟨hal-02084186⟩

Share

Metrics

Record views

110

Files downloads

143