Abstract
The evolution of software service delivery has changed the way accountability is performed. The complexity related to cloud computing environments increases the difficulty in properly performing accountability, since the evidences are spread through the whole infrastructure, from different servers at physical, virtualization, and application layers. This complexity increases when we are considering cloud federation because besides the inherent complexity of the virtualized environment, the federation members may not implement the same security procedures and policies. The main objective of this chapter is to present concepts about cloud security, discussing why accountability in federated scenarios is important and hard to provide, and propose an accountability framework, named CloudAcc, that supports audit, management, planning and billing process in federated cloud environments.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Aoyama, T., & Sakai, H. (2011). Inter-cloud-computing. Wirtschaftsinformatik, 53(3), 171–175.
Ardagna, C. A., Asal, R., Damiani, E., & Vu, Q. H. (2015). From security to assurance in the cloud: A survey. ACM Computing Surveys (CSUR), 48(1), 2.
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50–58.
Avetisyan, A. I., Campbell, R., Lai, K., Lyons, M., Milojicic, D. S., Lee, H. Y., Soh, Y. C., Ming, N. K., Luke, J. -Y., & Namgoong, H. et al. (2010). Open cirrus: A global cloud computing testbed. IEE Computer Society, 43(4), 35–43.
Barreto, L., Fraga, J., & Siqueira, F. (2015). Cloud federations and security attributes. In 2015 XXXIII Brazilian Symposium on Computer Networks and Distributed Systems (SBRC) (pp. 140–149). New York: IEEE.
Buyya, R., Ranjan, R., & Calheiros, R. N. (2010). Intercloud: Utility-oriented federation of cloud computing environments for scaling of application services. In Algorithms and architectures for parallel processing (pp. 13–31). Heidelberg: Springer.
Castelluccia, C., Druschel, P., Hübner, S., Pasic, A., Preneel, B., & Tschofenig, H. (2011). Privacy, accountability and trust-challenges and opportunities. ENISA [Online]. Available: http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/pat-study/atdownload/fullReport.
Dagger, D., O’Connor, A., Lawless, S., Walsh, E., & Wade, V. P. (2007). Service-oriented e-learning platforms: From monolithic systems to flexible services. Internet Computing, IEEE, 11(3), 28–35.
Erl, T. (2008). Soa: Principles of service design (Vol. 1). Upper Saddle River: Prentice Hall.
Farina, J., Scanlon, M., Le-Khac, N. -A., Kechadi, M., et al. (2015). Overview of the forensic investigation of cloud services. In 2015 10th International Conference on Availability, Reliability and Security (ARES) (pp. 556–565). New York: IEEE.
Fernandes, D. A.B., Soares, L. F. B., Gomes, J. V., Freire, M. M., Inácio, P. R. M. (2014). Security issues in cloud environments: A survey. International Journal of Information Security, 13(2), 113–170.
Fernandez, E. B., Monge, R., & Hashizume, K. (2016). Building a security reference architecture for cloud systems. Requirements Engineering, 21(2), 225–249.
Koppell, J. G. S. (2005). Pathologies of accountability: Icann and the challenge of “multiple accountabilities disorder”. Public Administration Review, 65(1), 94–108.
Malhotra, A., Van Gundy, M., Varia, M., Kennedy, H., Gardner, J., & Goldberg, S. (2016). The security of NTP’s datagram protocol. Cryptology ePrint Archive, Report 2016/055. http://eprint.iacr.org/2016/055.
Mell, P., & Grance, T. (2011). The NIST definition of cloud computing [online]. Available: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.
Nakahara, S., & Ishimoto, H. (2010). A study on the requirements of accountable cloud services and log management. In 2010 8th Asia-Pacific Symposium on Information and Telecommunication Technologies (APSITT) (pp. 1–6). New York: IEEE.
National Security Agency and Central Security Service. (2016). Information assurance directorate. https://cryptome.org/2016/01/CNSA-Suite-and-Quantum-Computing-FAQ.pdf, Accessed: 2016-09-27.
NIST. (2010). Cloud computing. https://www.nist.gov/itl/cloud-computing. Accessed: 2016-05-27.
Pawluk, P., Simmons, B., Smit, M., Litoiu, M., & Mankovski, S. (2012). Introducing stratos: A cloud broker service. In 2012 IEEE Fifth International Conference on Cloud Computing (pp. 891–898). New York: IEEE.
Rochwerger, B., Breitgand, D., Levy, E., Galis, A., Nagin, K., Llorente, I. M., Montero, R., Wolfsthal, Y., Elmroth, E., Caceres, J., et al. (2009). The reservoir model and architecture for open federated cloud computing. IBM Journal of Research and Development, 53(4), 4–1.
Rodrigues, T. G. (2016). Cloudacc: A cloud-based accountability frameworkfor federated cloud. PhD Thesis.
Sklavos, N., & Souras, P. (2006). Economic models & approaches in information security for computer networks. IJ Network Security, 2(1), 14–20.
Toosi, A. N., Calheiros, R. N., Buyya R. (2014). Interconnected cloud computing environments: Challenges, taxonomy, and survey. ACM Computing Surveys (CSUR), 47(1), 7.
Yao, J., Chen, S., Wang, C., Levy, D., & Zic, J. (2010). Accountability as a service for the cloud. In 2010 IEEE International Conference on Services Computing (SCC) (pp. 81–88). New York: IEEE.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
Rodrigues, T.G., Endo, P.T., Beserra, D.W.S.C., Sadok, D., Kelner, J. (2018). Accountability for Federated Clouds. In: Daimi, K. (eds) Computer and Network Security Essentials. Springer, Cham. https://doi.org/10.1007/978-3-319-58424-9_33
Download citation
DOI: https://doi.org/10.1007/978-3-319-58424-9_33
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-58423-2
Online ISBN: 978-3-319-58424-9
eBook Packages: EngineeringEngineering (R0)