Ensuring Distributed Accountability for Data Sharing in the Cloud

IntroductionCloud Computing

Features of Cloud Computing

1) Scalability

2)Resource Virtualization

MotivationClient Fears of Loosing Control on

Data.

Question about (Cloud Service

Provider)CSP reliability

Significant Barriers for Cloud

Computing

Related WorkInformation Accountability[1]

Accountability mechanisms and

Privacy Manager[2]

Logic for Auditing Accountability in

Decentralized Systems[3]

Accountable Grid Computing

System[4]

Cont.Security Applications in JAVA using Self-

Depending Objects[SDO][5]

Proof-Carrying authentication (PCA)[6]

Identity-Based Encryption[7]

Current access control mechanism[8]

ProposalDecentralized TechniqueData Access automatic loggingReliable Log files Delivery of log files to Data Owner. 1)Push Mode 2)Pull Mode

Hardware RequirementTwo or more systems of following

config.

Processor - Pentium IV onwards

RAM- 512 MB DD RAM

Hard Disk- 20 GB

System Architecture

Software RequirementsOperating System :Windows95/98/2000/XP Application Server : Tomcat5.0/6.X Front End : HTML, Java Server Sidé Script : Java Server Pages. Database : MySQL 5.0 Database Connectivity : JDBC.Cloud Services: Any cloud service provider.

Flowchart1

Flowchart2

Algorithms IBE Key Generation Algorithm

SAML-Based Authentication

Algorithm

Push And Pull Pure Log mode for log

record generation

Logging Algorithm

Data flow Diagram

Use Case Diagram

ConclusionWe proposed innovative approach:

CAI framework and use of JAR file,

for automatically logging any access

to the data in the cloud together with

an auditing mechanism.

References[1] “Information Accountability,” Comm.ACM, vol. 51,

no. 6, pp. 82-87, 2008.[2] “Accountability as a Way Forward for Privacy

Protection in the Cloud,” Proc. First Int’l Conf. Cloud Computing,09.

[3] Logic for Auditing Accountability in Decentralized Systems,” Proc. IFIP TC1 WG1.7 Workshop Formal Aspects in Security and Trust , pp. 187-201, 2005.

[4] The Design and Evaluation of Accountable Grid Computing System,” Proc. 29thIEEE Int’l Conf. Distributed Computing Systems (ICDCS ’09),pp. 145-154, 2009.

References[5]“Using Self-Defending Objects to Develop Security

Aware Applications in Java,” Proc. 27th Australasian Conf. Computer Science, vol. 26,pp. 341-349, 2004

[6] An Open Framework for Foundational Proof-Carrying Code,” Proc. ACM SIGPLAN Int’l Workshop Types in Languages Design and Implementation, pp. 67-78,2007.

[7]“Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services,” Proc. Int’l Workshop Database and Expert Systems Applications (DEXA), pp. 377-382, 2003.

References[8]“Usage Control Enforcement: Present and

Future,” IEEE Security & Privacy, vol. 6, no. 4, pp. 44-53, July/Aug. 2008.