TrustCloud: A Framework for Accountability and Trust in Cloud Computing
Ko, Ryan K L; Jagadpramana, Peter; Mowbray, Miranda; Pearson, Siani; Kirchberg, Markus; Liang, Qianhui; Lee, Bu Sung
Keyword(s): trust in cloud computing, logging, auditability, accountability, data provenance, continuous auditing and monitoring, governance
Abstract: The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy measures are actively being researched, there is still little focus on detective controls related to cloud accountability and auditability. The complexity resulting from the sheer amount of virtualization and data distribution carried out in current clouds has also revealed an urgent need for research in cloud accountability, as has the shift in focus of customer concerns from server health and utilization to the integrity and safety of end-users' data. This paper discusses key challenges in achieving a trusted cloud through the use of detective controls, and presents the TrustCloud framework, which addresses accountability in cloud computing via technical and policy-based approaches.
Additional Publication Information: To be published and presented at the 2nd IEEE Cloud Forum for Practitioners (IEEE ICFP 2011), Washington DC, USA, July 7-8, 2011.
External Posting Date: June 22, 2011 [Fulltext]. Approved for External Publication
Internal Posting Date: March 21, 2011 [Fulltext]